Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <20110702073625.GA3318@albatros>
Date: Sat, 2 Jul 2011 11:36:25 +0400
From: Vasiliy Kulikov <segoon@...nwall.com>
To: Balbir Singh <bsingharora@...il.com>,
	Linus Torvalds <torvalds@...ux-foundation.org>
Cc: linux-kernel@...r.kernel.org, Andrew Morton <akpm@...ux-foundation.org>,
	Al Viro <viro@...iv.linux.org.uk>,
	David Rientjes <rientjes@...gle.com>,
	Stephen Wilson <wilsons@...rt.ca>,
	KOSAKI Motohiro <kosaki.motohiro@...fujitsu.com>,
	security@...nel.org, Eric Paris <eparis@...hat.com>,
	kernel-hardening@...ts.openwall.com
Subject: Re: [PATCH 2/2] taskstats: restrict access to user

On Thu, Jun 30, 2011 at 00:17 +0400, Vasiliy Kulikov wrote:
> On Wed, Jun 29, 2011 at 06:57 +0530, Balbir Singh wrote:
> > On Fri, Jun 24, 2011 at 5:39 PM, Vasiliy Kulikov <segoon@...nwall.com> wrote:
> > > +               task = find_task_by_vpid(s->pid);
> > > +               if (!task || __task_cred(task)->euid != cred->euid) {
> 
> If consider this patch for inclusion, it also needs some check for
> the listener root ability.  __task_cred(task)->euid == 0 or smth like
> that.  But ptrace_task_may_access_current() is better.

So...  What to do with this patch?  Should I resend it with euid==0 and
rcu optimication, wait for the new ptrace interface or what?


Thanks,

-- 
Vasiliy Kulikov
http://www.openwall.com - bringing security into open computing environments

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.