[ Resent, this seems to have gotten dropped by something. Sorry if it
shows up twice ]
On Sun, Oct 23, 2011 at 2:08 AM, Kevin Easton <kevin@xxxxxxxxxxx> wrote:
Won't this still allow silent probing, because the malicious user can
just try to create the mapping, then check in /proc/self/maps to see
if it really worked?
Yup, right you are.
So we shouldn't do that either, and probably just leave the current
semantics, unless Roland (or others) can convince me that complicating
the kernel mmap security model really is worth it.
Linus