Re: New Security Features, Please Comment

From: Alan Cox
Date: Wed Dec 03 2008 - 05:29:35 EST

> The idea is to not allow the child to change its own uid, or give the
> child any elevated privlages so that should the child be compromised via
> buffer overflow or some other bug, it cant be abused.

But the child process can modify itself, it can open files etc.

So as uid 1 I patch my own code to add a function call to a private
function that will be called regularly. Now as the other uids are
selected I am able to attack all those users file stores.

I don't think your model actually works.
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at
Please read the FAQ at