UBIFS: restrict world-writable debugfs files

BugLink: http://bugs.launchpad.net/bugs/769042

commit 8c559d30b4e59cf6994215ada1fe744928f494bf upstream.

Don't allow everybody to dump sensitive information about filesystems.

Signed-off-by: Vasiliy Kulikov <segoon@openwall.com>
Signed-off-by: Artem Bityutskiy <Artem.Bityutskiy@nokia.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Signed-off-by: Leann Ogasawara <leann.ogasawara@canonical.com>

diff --git a/fs/ubifs/debug.c b/fs/ubifs/debug.c
index 5b9e985..b67ed36 100644 (file)
--- a/fs/ubifs/debug.c
+++ b/fs/ubifs/debug.c
@@ -2844,19 +2844,19 @@ int dbg_debugfs_init_fs(struct ubifs_info *c)
        }
 
        fname = "dump_lprops";
-       dent = debugfs_create_file(fname, S_IWUGO, d->dfs_dir, c, &dfs_fops);
+       dent = debugfs_create_file(fname, S_IWUSR, d->dfs_dir, c, &dfs_fops);
        if (IS_ERR(dent))
                goto out_remove;
        d->dfs_dump_lprops = dent;
 
        fname = "dump_budg";
-       dent = debugfs_create_file(fname, S_IWUGO, d->dfs_dir, c, &dfs_fops);
+       dent = debugfs_create_file(fname, S_IWUSR, d->dfs_dir, c, &dfs_fops);
        if (IS_ERR(dent))
                goto out_remove;
        d->dfs_dump_budg = dent;
 
        fname = "dump_tnc";
-       dent = debugfs_create_file(fname, S_IWUGO, d->dfs_dir, c, &dfs_fops);
+       dent = debugfs_create_file(fname, S_IWUSR, d->dfs_dir, c, &dfs_fops);
        if (IS_ERR(dent))
                goto out_remove;
        d->dfs_dump_tnc = dent;