Re: [RFC][PATCH] exec: Use init rlimits for setuid exec

From: Linus Torvalds
Date: Mon Jul 10 2017 - 12:18:19 EST

Next message: Paolo Bonzini: "Re: RFC: Task switch emulation fails for VM86 mode"
Previous message: David Sterba: "Re: [PATCH 01/14] VFS: Don't use save/replace_mount_options if not using generic_show_options"
In reply to: Kees Cook: "Re: [RFC][PATCH] exec: Use init rlimits for setuid exec"
Next in thread: Willy Tarreau: "Re: [RFC][PATCH] exec: Use init rlimits for setuid exec"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, Jul 10, 2017 at 9:12 AM, Kees Cook <keescook@xxxxxxxxxxxx> wrote:
>
> Sounds good to me, but won't large-memory users in 32-bit get annoyed?

We'll see.

I suspect that all large-memory users have long since upgraded to
x86-64 (rule of thumb: if you are upgrading kernels today, you
probably upgraded hardware ten years ago), and that this may be a
non-issue today.

But only time will tell.

I certainly prefer "keep it simple" over theoretical concerns. It's
why I prefer that unconditional stack limit too - we may have to make
it conditional on suid'ness or something like the ELF PT_GNU_STACK
setting, but before over-designing things, let's see if anybody even
cares.

Linus

Next message: Paolo Bonzini: "Re: RFC: Task switch emulation fails for VM86 mode"
Previous message: David Sterba: "Re: [PATCH 01/14] VFS: Don't use save/replace_mount_options if not using generic_show_options"
In reply to: Kees Cook: "Re: [RFC][PATCH] exec: Use init rlimits for setuid exec"
Next in thread: Willy Tarreau: "Re: [RFC][PATCH] exec: Use init rlimits for setuid exec"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]