diff options
author | lloyd <[email protected]> | 2009-07-25 12:23:14 +0000 |
---|---|---|
committer | lloyd <[email protected]> | 2009-07-25 12:23:14 +0000 |
commit | c9f92c0c07634c3a2aa73a8f3d3660ba39d76fde (patch) | |
tree | 68783b8fa53c3c89360f7fd430e19d9c71748680 /src/entropy | |
parent | 26fa799af0d362a37a80e1c666e738d3674fc25e (diff) |
Two changes to proc_walk:
Don't read any file that is not world-readable. This avoids trouble when
running as root, since on Linux various special files can cause odd
interactions and/or blocking behavior when read (for instance /proc/kmsg).
ssumption is that no such files are world-readable. This also avoids any
issue of reading data that is potentially sensitive.
Instead of reading the first 1 KB of each file, only read the first 128
bytes. This prevents large files (like /proc/config.gz or /proc/kallsyms)
from swamping the input buffer; these inputs are pretty static and
shouldn't count for much. Reducing to 128 bytes causes a poll to read
about 400 different files, rather than ~30.
Diffstat (limited to 'src/entropy')
-rw-r--r-- | src/entropy/proc_walk/es_ftw.cpp | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/src/entropy/proc_walk/es_ftw.cpp b/src/entropy/proc_walk/es_ftw.cpp index fe9dfec38..2016f099a 100644 --- a/src/entropy/proc_walk/es_ftw.cpp +++ b/src/entropy/proc_walk/es_ftw.cpp @@ -81,7 +81,7 @@ int Directory_Walker::next_fd() if(S_ISDIR(stat_buf.st_mode)) add_directory(full_path); - else if(S_ISREG(stat_buf.st_mode)) + else if(S_ISREG(stat_buf.st_mode) && (stat_buf.st_mode & S_IROTH)) { int fd = ::open(full_path.c_str(), O_RDONLY | O_NOCTTY); @@ -118,7 +118,7 @@ void FTW_EntropySource::poll(Entropy_Accumulator& accum) if(!dir) dir = new Directory_Walker(path); - MemoryRegion<byte>& io_buffer = accum.get_io_buffer(2048); + MemoryRegion<byte>& io_buffer = accum.get_io_buffer(128); for(u32bit i = 0; i != MAX_FILES_READ_PER_POLL; ++i) { |