Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 14 Jun 2017 16:34:11 +0200
From: Jann Horn <>
To: Solar Designer <>
Cc: Matt Brown <>, Kernel Hardening <>
Subject: Re: Re: [PATCH v2 1/1] Add Trusted Path Execution
 as a stackable LSM

On Wed, Jun 14, 2017 at 4:33 PM, Jann Horn <> wrote:
> On Wed, Jun 14, 2017 at 4:28 PM, Solar Designer <> wrote:
>> On Wed, Jun 14, 2017 at 03:15:22PM +0200, Jann Horn wrote:
>>> Some random related issues:
>>> Scripts with shebang lines like "#!/usr/bin/env python" probably wouldn't
>>> work anymore, at least not without special-case logic, because in this case,
>>> env has to invoke python.
>> Why would this break?  If both env and python are in trusted paths, it
>> should work with TPE just fine.  (But then TPE is rather ineffective.)
> I think somewhere in this thread, or a related one, it was suggested to have
> some mechanism to only prevent execution of e.g. python as an interpreter,
> not direct execution.


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.