Re: [PATCH] disallow modular capabilities

From: Christoph Hellwig
Date: Tue Jan 04 2005 - 16:16:55 EST

Next message: Pavel Machek: "Re: starting with 2.7"
Previous message: Christoph Lameter: "page fault scalability patch V14 [4/7]: i386 atomic pte operations"
In reply to: Linus Torvalds: "Re: [PATCH] disallow modular capabilities"
Next in thread: Chris Wright: "Re: [PATCH] disallow modular capabilities"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Jan 04, 2005 at 01:05:29PM -0800, Linus Torvalds wrote:
>
>
> On Tue, 4 Jan 2005, Lee Revell wrote:
> >
> > And I posted this to LKML almost a week ago, and a real fix was posted
> > in response.
> >
> > http://lkml.org/lkml/2004/12/28/112
>
> Well, I realize that it has been on bugtraq, but does that make it a real
> concern? I'll make the tristate a boolean, but has anybody half-way sane
> ever _done_ what is described by the bugtraq posting? IOW, it looks pretty
> much like a made-up example, also known as a "don't do that then" kind of
> buglet ;)

I don't think this particular one is too serious. But I think we'll see
more serious issues with other modular security modules.

The security modules aren't really as isolated as all the driver modules
we have as they're deeply interwinded with the process/file/etc state.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Pavel Machek: "Re: starting with 2.7"
Previous message: Christoph Lameter: "page fault scalability patch V14 [4/7]: i386 atomic pte operations"
In reply to: Linus Torvalds: "Re: [PATCH] disallow modular capabilities"
Next in thread: Chris Wright: "Re: [PATCH] disallow modular capabilities"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]