kernel-hardening - Re: procfs {tid,tgid,attr}

Follow @Openwall on Twitter for new release announcements and other news

[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]

Message-ID: <20110810133409.GA31342@openwall.com>
Date: Wed, 10 Aug 2011 17:34:09 +0400
From: Solar Designer <solar@...nwall.com>
To: kernel-hardening@...ts.openwall.com
Subject: Re: procfs {tid,tgid,attr}_allowed mount options

On Wed, Aug 10, 2011 at 04:04:39PM +0400, Vasiliy Kulikov wrote:
> On Wed, Aug 10, 2011 at 15:25 +0400, Solar Designer wrote:
> > That's a lot of code already.
> 
> Yes, so I'd try to get comments from net-less and gid-less patch first.
> Probably the whole way of permissions handling would be ridicules for
> kernel forlk :)

I feel that you may have treated Andrew Morton's suggestion too
seriously.  I think he was hoping for something not only more general,
but also simple.

With your invasive changes, even checking for (lack of) potential new
vulnerabilities (such as lack of ptrace check where it previously existed
and was needed) feels non-trivial.  Or maybe I just did not look closely
enough.

Perhaps run this by LKML as RFC and see what they think?  And be willing
to revert to your old approach, with more hard-coding, now that you have
this arguably overly complicated alternative.  Maybe it will convince
Andrew Morton that something simpler and less flexible would be better.

Thanks,

Alexander

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.