Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 3 Jun 2017 12:39:03 +0200
From: Jann Horn <>
To: Matt Brown <>
	kernel list <>,, 
	Kernel Hardening <>
Subject: Re: [PATCH v1 1/1] Add Trusted Path Execution as a
 stackable LSM

On Sat, Jun 3, 2017 at 7:53 AM, Matt Brown <> wrote:
> This patch was modified from Brad Spengler's Trusted Path Execution (TPE)
> feature in Grsecurity and also incorporates logging ideas from
> cormander's tpe-lkm.
> Modifications from the Grsecurity implementation of TPE were made to
> turn it into a stackable LSM using the existing LSM hook bprm_set_creds.
> Also, denial messages were improved by including the full path of the
> disallowed program. (This idea was taken from cormander's tpe-lkm)
> Threat Models:
> 2. Attacker on system replaces binary used by a privileged user with a
>    malicious one
> *  This situation arises when administrator of a system leaves a binary
>    as world writable.
> *  TPE is very effective against this threat model

How do you end up with world-writable binaries in $PATH?

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.