Re: [PATCH 2 of 4] ima: related Makefile compile order change andReadme
From: Reiner Sailer
Date: Wed May 25 2005 - 10:35:01 EST
Pavel Machek <pavel@xxxxxx> wrote on 05/25/2005 11:06:01 AM:
> > If I understand you, then you are claiming that steps (ii) to (v)
> > introduce buffer overflows in bash or show_etc_issue. How?
> No, I'm not claiming that. You are certainly *not* introducing any new
> But some problems that used to be harmless (buffer overrun in
> show_etc_issue command) are not harmless any more.
How is a buffer overrun in a script/application less "harmless" with IMA?
Please be specific. Preliminary IMA patches are out on the mailing lists.
The only thing that IMA does with respect to existing known buffer
overruns is that it enables remote parties to know that there is an application
with a known buffer overrun if this application/script was measured. Such
information is sensitive and this is one reason why direct access to the
measurements are restricted to authorized/trusted parties.
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/