Re: [PATCH 1/2] LSM: Do not apply mmap_min_addr check to PROT_NONE mappings

From: Kevin Easton
Date: Sun Oct 23 2011 - 02:10:21 EST


Quoting Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>:

> [ Resent, this seems to have gotten dropped by something. Sorry if it
> shows up twice ]

My fault, looks like lkml.org trims the CC list to an unreasonably small
value.

> On Sun, Oct 23, 2011 at 2:08 AM, Kevin Easton <kevin@xxxxxxxxxxx> wrote:
>>
>> Won't this still allow silent probing, because the malicious user can
>> just try to create the mapping, then check in /proc/self/maps to see
>> if it really worked?
>
> Yup, right you are.
>
> So we shouldn't do that either, and probably just leave the current
> semantics, unless Roland (or others) can convince me that complicating
> the kernel mmap security model really is worth it.
>
> Linus



