Re: New Solaris 7 features

Jeremy Fitzhardinge (jsgf@sirius.com)
Thu, 12 Nov 1998 18:06:23 -0800 (PST)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: root: "an error of great concern"
Previous message: H. Peter Anvin: "Re: Dropped frames in video capture process"
In reply to: Albert D. Cahalan: "Re: New Solaris 7 features"
Next in thread: Alan Cox: "Re: Comments on Microsoft Open Source documentA"
Reply: Alan Cox: "Re: Comments on Microsoft Open Source documentA"

On 12-Nov-98 Albert D. Cahalan wrote:
> Note that executables owned by root could be exempt from checking.
> As long as root owns the JIT compiler, it can run at full speed.

Not really. Conferring extra priviledge onto an executable for merely being
owned by root breaks the well-known security model. It would be easy for
someone to chown an executable to root (without suid/gid bits) without being
aware of the consequences for a Sparc Linux box with 64-bit executables.

This discussion is pretty moot - until there's a clear idea of what sequences
cause problems, there's not much point trying to design a solution. If it's
a matter of simply not allowing mappings in the lower or upper 2^30 bytes of the
address space, that's pretty low cost. If its worse than that, then we need to
think crefully about it.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: root: "an error of great concern"
Previous message: H. Peter Anvin: "Re: Dropped frames in video capture process"
In reply to: Albert D. Cahalan: "Re: New Solaris 7 features"
Next in thread: Alan Cox: "Re: Comments on Microsoft Open Source documentA"
Reply: Alan Cox: "Re: Comments on Microsoft Open Source documentA"