Re: Time to remove LSM (was Re: [RESEND][RFC][PATCH 2/7] implementation of LSM hooks)

From: Lars Marowsky-Bree
Date: Mon Apr 24 2006 - 04:27:33 EST

Next message: Laurent MEYER: "Re: [patch 02/22] powerpc: fix incorrect SA_ONSTACK behaviour for64-bit processes"
Previous message: Lars Marowsky-Bree: "Re: Time to remove LSM (was Re: [RESEND][RFC][PATCH 2/7] implementation of LSM hooks)"
In reply to: Lars Marowsky-Bree: "Re: Time to remove LSM (was Re: [RESEND][RFC][PATCH 2/7] implementation of LSM hooks)"
Next in thread: Arjan van de Ven: "Re: Time to remove LSM (was Re: [RESEND][RFC][PATCH 2/7]implementation of LSM hooks)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 2006-04-23T16:58:47, Thomas Bleher <bleher@xxxxxxxxxxxxxxxxxxxxxxxxxx> wrote:

> Later, the admin decides to save space, deletes the bin/ directory and
> instead links /bin/ls into the chroot. Suddenly the system is easily
> exploitable.

Security models can be compromised by root or by dumb accomplices. Film
at eleven.

Seriously, this is not helpful. Could we instead focus on the technical
argument wrt the kernel patches?

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Laurent MEYER: "Re: [patch 02/22] powerpc: fix incorrect SA_ONSTACK behaviour for64-bit processes"
Previous message: Lars Marowsky-Bree: "Re: Time to remove LSM (was Re: [RESEND][RFC][PATCH 2/7] implementation of LSM hooks)"
In reply to: Lars Marowsky-Bree: "Re: Time to remove LSM (was Re: [RESEND][RFC][PATCH 2/7] implementation of LSM hooks)"
Next in thread: Arjan van de Ven: "Re: Time to remove LSM (was Re: [RESEND][RFC][PATCH 2/7]implementation of LSM hooks)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]