Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <1484591068.1277.3.camel@gmail.com>
Date: Mon, 16 Jan 2017 13:24:28 -0500
From: Daniel Micay <danielmicay@...il.com>
To: kernel-hardening@...ts.openwall.com, linux-kernel@...r.kernel.org
Cc: Andrew Morton <akpm@...ux-foundation.org>, Kees Cook
 <keescook@...omium.org>,  Lafcadio Wluiki <wluikil@...il.com>, Djalal
 Harouni <tixxdz@...il.com>
Subject: Re: [PATCH v4 2/2] procfs/tasks: add a simple
 per-task procfs hidepid= field

> This should permit Linux distributions to more comprehensively lock
> down
> their services, as it allows an isolated opt-in for hidepid= for
> specific services. Previously hidepid= could only be set system-wide,
> and then specific services had to be excluded by group membership,
> essentially a more complex concept of opt-out.

I think it's a lot easier for them to introduce a proc group and then
figure out the very few exceptions that are needed vs. requiring a huge
number of opt-ins. I don't think the issue is difficulty in deploying
it, it's lack of interest. Android deployed it in 7.x without any major
issues. A good way to get people to use it would be adding proc groups
to major distributions and getting systemd to expose a simple toggle for
this, instead of requiring users to add /proc to fstab (not there by
default with systemd) and hard-wired the correct proc gid for that
distribution. Can then file bugs for packages needing the proc group.
For systemd itself, logind needs it since it drops the capability that
allows bypassing it. Other than that, it's mostly just polkit.
Download attachment "signature.asc" of type "application/pgp-signature" (867 bytes)

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.