Re: [PATCH] Enhanced Trusted Path Execution (TPE) Linux Security Module
From: Felipe Alfaro Solana
Date: Thu Jan 06 2005 - 13:50:23 EST
On 6 Jan 2005, at 15:50, Lorenzo Hernández García-Hierro wrote:
> > The two biggest issues are 1) it's trivial to bypass:
> >
> > $ /lib/ld.so /untrusted/path/to/program
> >
> > and 2) that there's no (visible/vocal) user base calling for the
> > feature.
>
> About the point 1), yesterday I wrote just a simple regression test
> (that can be found at the same place as the patch) and of course it
> bypasses, this is an old commented problem, Stephen suggested the use
> of the mmap and mprotect hooks, so, I will have a look at them but I'm
> not sure on how to (really) prevent the dirty, old trick.
>
> About 2), just give it a chance, maybe it's useful and my work is not
> completely nonsense.

Well, I'm not a visible/vocal user base, but I do really like this TPE
LSM module.
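
The difference between an exec-only check and the mmap/mprotect check discussed in this thread, as an added example that is not part of the original messages or of the TPE patch. It is a user-space model, not kernel code; the trust rule (directory owned by root and not group- or world-writable), the `dir_meta` struct, the sample directories and every function name are assumptions.

```c
#include <stdbool.h>
#include <stdio.h>
#include <sys/mman.h>
#include <sys/stat.h>
#include <sys/types.h>

/* Owner and mode of the directory holding a file (st_uid / st_mode). */
struct dir_meta { uid_t uid; mode_t mode; };

/* Constructed sample directories, not taken from the thread. */
static const struct dir_meta LIB_DIR  = { 0,    0755 };  /* holds ld.so */
static const struct dir_meta USER_DIR = { 1000, 0755 };  /* /untrusted/path/to */

/* Assumed trust rule: root-owned and not writable by group or others. */
static bool dir_is_trusted(struct dir_meta d)
{
    return d.uid == 0 && !(d.mode & (S_IWGRP | S_IWOTH));
}

/* Exec-time check: it only ever sees the file named in execve(). */
static bool tpe_allow_exec(struct dir_meta exec_dir)
{
    return dir_is_trusted(exec_dir);
}

/* Check shared by the mmap and mprotect hooks: a file-backed mapping
 * may carry PROT_EXEC only if the file lives in a trusted directory. */
static bool tpe_allow_exec_mapping(struct dir_meta file_dir, int prot)
{
    return !(prot & PROT_EXEC) || dir_is_trusted(file_dir);
}

/* Models "ld.so program": the loader itself is exec'd (and checked),
 * then it maps the program's text with PROT_EXEC. */
static bool loader_run_allowed(struct dir_meta loader_dir,
                               struct dir_meta prog_dir, bool mapping_hook)
{
    if (!tpe_allow_exec(loader_dir))
        return false;
    return !mapping_hook || tpe_allow_exec_mapping(prog_dir, PROT_READ | PROT_EXEC);
}

int main(void)
{
    printf("direct exec:         %d\n", tpe_allow_exec(USER_DIR));
    printf("via loader, no hook: %d\n", loader_run_allowed(LIB_DIR, USER_DIR, false));
    printf("via loader, hooked:  %d\n", loader_run_allowed(LIB_DIR, USER_DIR, true));
    return 0;
}
```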