Re: [RFC][PATCH v3] Unprivileged: Disable raising of privileges

From: Alan Cox
Date: Fri Jan 01 2010 - 09:43:34 EST

Next message: David: "Re: 2.6.33-rc1 - Weird hard hangs when rendering 'some' web-sitesin Firefox"
Previous message: Alan Cox: "Re: [RFC][PATCH v3] Unprivileged: Disable raising of privileges"
In reply to: Peter Dolding: "Re: [RFC][PATCH v3] Unprivileged: Disable raising of privileges"
Next in thread: David Wagner: "Re: [RFC][PATCH v3] Unprivileged: Disable raising of privileges"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, 31 Dec 2009 17:55:27 +0000 (UTC)
daw@xxxxxxxxxxxxxxx (David Wagner) wrote:

> Alan Cox wrote:
> >Removing specific features from a specific piece of code
> >generally isn't a security feature -
>
> You lost me there. The ability of a specific piece of code to voluntarily
> relinquish privileges can be a big benefit to security.

Can be - but its historically been an endless source of bugs and flaws
because the code being run after you take the rights away is being run in
an environment it didn't expect and wasn't tested in.

>From inanities like setting the file size limit to 0 and running passwd
blanking the password file (SGI Irix) to closing file handle 0 or setting
cpu quotas to make a forked daemon process die unexpectedly the list is
endless.

Alan
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: David: "Re: 2.6.33-rc1 - Weird hard hangs when rendering 'some' web-sitesin Firefox"
Previous message: Alan Cox: "Re: [RFC][PATCH v3] Unprivileged: Disable raising of privileges"
In reply to: Peter Dolding: "Re: [RFC][PATCH v3] Unprivileged: Disable raising of privileges"
Next in thread: David Wagner: "Re: [RFC][PATCH v3] Unprivileged: Disable raising of privileges"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]