Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20110703180028.GA26742@albatros>
Date: Sun, 3 Jul 2011 22:00:28 +0400
From: Vasiliy Kulikov <segoon@...nwall.com>
To: Serge Hallyn <serge.hallyn@...onical.com>
Cc: akpm@...ux-foundation.org, mm-commits@...r.kernel.org,
	daniel.lezcano@...e.fr, ebiederm@...ssion.com, mingo@...e.hu,
	oleg@...hat.com, rdunlap@...otime.net, tj@...nel.org,
	kernel-hardening@...ts.openwall.com
Subject: Re: + ipc-introduce-shm_rmid_forced-sysctl.patch added to -mm tree

On Thu, Jun 30, 2011 at 17:57 +0400, Vasiliy Kulikov wrote:
> > So shp should store a reference to the struct pid, which you can check
> > here?  I think that'll do exactly what you need.
> 
> Documentation/namespaces/compatibility-list.txt says that IPC and PID
> namespaces have not been fully separated yet.

Looks like I've misunderstood the documentation.  It says that
identifiers from the same ipc namespace shouldn't travel between
different pid namespaces, not about incomplete implementaiton.   So yes,
storing pid or task will help.  I'll send a patch after some testing.


Thanks,

-- 
Vasiliy Kulikov
http://www.openwall.com - bringing security into open computing environments

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.