LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Complexity

Complexity

Posted Sep 24, 2004 3:59 UTC (Fri) by dododge (subscriber, #2870)
In reply to: Complexity by walters
Parent article: An introduction to SELinux

As for complexity, Stephen Smalley explains it elegantly.

The stuff going on under the hood of a Linux machine can be quite surprising.

One of my favorite examples is the "cardmgr" program, part of the PCMCIA suite. When the program starts up, it creates a new device file with a somewhat unpredictable name based on PID and a one-up counter. It does this in one of several directories; it has a list of places it tries, and no, "/dev" is not at the front of that list. It then opens the device and unlinks the file while holding it open. It does this multiple times and it all happens very quickly. As a sysadmin you are very unlikely to ever come across one of these device files or even know that this is going on. See the "open_dev" function in "cardmgr.c" for the details; it's still there in the current 3.8.2 release.

Aside: pcmcia-cs even had compile-time shenanigans that could bite you. It made its own copy of the kernel's configuration header for its modules to include, but it only bothered to copy the config settings that it knew about and thought were important. If you had a kernel patch (such as LSM) that added new config settings, the PCMCIA code would ignore them and its modules would be compiled without them. If those config settings resulted in changes to the size and layout of kernel data structures (which LSM certainly did), then loading one of those PCMCIA modules could easily wreak havoc with kernel data.

Now that things like LSM and the PCMCIA modules are all in-tree it shouldn't be a problem, though if you were to build your modules out-of-tree from the pcmcia-cs package it might still do this.

(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds