Re: NFS4 authentification / fsuid

From: J. Bruce Fields
Date: Thu Sep 06 2007 - 11:11:34 EST

Next message: Johannes Berg: "Re: BUG: scheduling while atomic: ifconfig/0x00000002/4170"
Previous message: Romano Giannetti: "Re: hda_intel : Patch + Regression in 2.6.18 -> 2.6.22"
In reply to: Satyam Sharma: "Re: NFS4 authentification / fsuid"
Next in thread: Trond Myklebust: "Re: NFS4 authentification / fsuid"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Sep 06, 2007 at 01:59:50PM +0530, Satyam Sharma wrote:
> Oh and btw, note that we're talking of the (lack of) security of a
> "running kernel" here -- because across reboots, there is /really/
> *absolutely* no such thing as "kernelspace security" because the superuser
> will simply switch the vmlinuz itself ...

Well, the machine could be booting from cdrom, and could live in a
locked machine room. Or people with root on a virtual host don't
necessarily have the ability to replace the kernel for that host.

--b.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Johannes Berg: "Re: BUG: scheduling while atomic: ifconfig/0x00000002/4170"
Previous message: Romano Giannetti: "Re: hda_intel : Patch + Regression in 2.6.18 -> 2.6.22"
In reply to: Satyam Sharma: "Re: NFS4 authentification / fsuid"
Next in thread: Trond Myklebust: "Re: NFS4 authentification / fsuid"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]