Re: Security fix for remapping of page 0 (was [PATCH] ChangeZERO_SIZE_PTR to point at unmapped space)

[Alan Cox]

> > You need it in the default (no security) version of security_file_mmap()
> > in security.h not hard coded into do_mmap_pgoff, and leave the one in
> > cap_* alone.
> 
> But that would still leave it up to the security "models" to check
> for basic security issues.

Correct. You have no knowledge of the policy at the higher level. In the
SELinux case security labels are used to identify code which is permitted
to map low pages. That means the root/RAW_IO security sledgehammer can be
replaced with a more secure labelling system.

Other policy systems might do it on namespaces (perhaps /bin
and /usr/bin mapping zero OK, /home not etc)

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/