Re: [PATCH] KERN_SETUID_DUMPABLE in /proc/sys/fs/

From: Andrew Morton
Date: Sat Mar 11 2006 - 02:41:52 EST


Arjan van de Ven <arjan@xxxxxxxxxxxxx> wrote:
>
> On Fri, 2006-03-10 at 14:56 -0800, Andrew Morton wrote:
> > Kurt Garloff <garloff@xxxxxxx> wrote:
> > >
> > > Diffing in sysctl.c is tricky, using more context is recommended.
> > > suid_dumpable ended up in fs/ instead of kernel/ and the reason
> > > is likely a patch with too little context.
> >
> > It's been in kernel/ since 2.6.13. What will break if we move it?
> >
> > This is security-related. If we move it we risk unsecuring people's
> > machines...
>
> only a very little bit since the default value is "secure", the option
> is to make it "insecure"...

OK, that's a good point.

> but yeah by this time we should just bite the bullet and rename the
> variable rather than move it about

That wouldn't help - we'll still break existing scripts.

crap. I tend to think we leave it where it is - it's only a cosmetic
irritation, isn't it?
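
The compatibility concern in this thread (a script that hard-codes the sysctl's directory stops working if the file moves), shown as an added example that is not part of the original message or the kernel tree. The function names and the temporary directory tree are hypothetical and constructed for illustration; the check looks in both directories named in the thread and treats 0 as the default value.

```sh
#!/bin/sh
# Added example: locate and audit suid_dumpable without hard-coding its directory.
# Candidate directories are the two discussed in the thread (fs/ and kernel/).

# Print the path of suid_dumpable under sysctl root $1; return 1 if absent.
find_suid_dumpable() {
    for dir in fs kernel; do
        if [ -r "$1/$dir/suid_dumpable" ]; then
            printf '%s\n' "$1/$dir/suid_dumpable"
            return 0
        fi
    done
    return 1
}

# Return 0 if the value is 0 (the default), 1 if it was changed, 2 if not found.
audit_suid_dumpable() {
    path=$(find_suid_dumpable "$1") || { echo "suid_dumpable: not found under $1"; return 2; }
    value=$(cat "$path")
    if [ "$value" = "0" ]; then
        echo "$path = 0 (default)"
        return 0
    fi
    echo "$path = $value (changed from default)"
    return 1
}

# Build a constructed sysctl tree: root $1, directory $2, value $3.
make_tree() {
    mkdir -p "$1/$2" && printf '%s\n' "$3" > "$1/$2/suid_dumpable"
}

# Run the audit against two constructed trees, one per candidate location.
demo() {
    tmp=$(mktemp -d)
    make_tree "$tmp/a" fs 0
    make_tree "$tmp/b" kernel 1
    audit_suid_dumpable "$tmp/a" || true
    audit_suid_dumpable "$tmp/b" || true
    rm -rf "$tmp"
}
demo
```

On a live system the root argument would be /proc/sys.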