Re: [PATCH 4/10] Fix leaking of kernel heap addresses in net/

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Dan Rosenberg <drosenberg@vsecurity.com>
To: Stephen Hemminger <shemminger@vyatta.com>
Cc: Eric Dumazet <eric.dumazet@gmail.com>,
	David Miller <davem@davemloft.net>,
	socketcan@hartkopp.net, kuznet@ms2.inr.ac.ru,
	urs.thuermann@volkswagen.de, yoshfuji@linux-ipv6.org,
	kaber@trash.net, jmorris@namei.org,
	remi.denis-courmont@nokia.com, pekkas@netcore.fi, sri@us.ibm.com,
	vladislav.yasevich@hp.com, tj@kernel.org, lizf@cn.fujitsu.com,
	joe@perches.com, hadi@mojatatu.com, ebiederm@xmission.com,
	adobriyan@gmail.com, jpirko@redhat.com, johannes.berg@intel.com,
	daniel.lezcano@free.fr, xemul@openvz.org,
	socketcan-core@lists.berlios.de, netdev@vger.kernel.org,
	linux-sctp@vger.kernel.org, torvalds@linux-foundation.org
Subject: Re: [PATCH 4/10] Fix leaking of kernel heap addresses in net/
Date: Fri, 12 Nov 2010 17:24:42 +0000	[thread overview]
Message-ID: <1289582682.3090.323.camel@Dan> (raw)
In-Reply-To: <20101112083315.096dfaa3@nehalam>

> 
> Also, the whole idea needs to be under a config option, so only
> the paranoid idiots turn it on.

If that's what's necessary to get it accepted, I'm willing to do that.
But when a solution does not negatively impact usability or performance
and improves security, even in a small way, why should it not be enabled
by default?  Of course it's my responsibility to first propose a
solution that is acceptable from a usability/debugging standpoint, but
assuming that can be achieved, I don't really see what the problem is.
There's a difference between being a "paranoid idiot" and wanting to
protect users from unnecessary exposure.

-Dan

WARNING: multiple messages have this Message-ID (diff)

From: Dan Rosenberg <drosenberg@vsecurity.com>
To: Stephen Hemminger <shemminger@vyatta.com>
Cc: Eric Dumazet <eric.dumazet@gmail.com>,
	David Miller <davem@davemloft.net>,
	socketcan@hartkopp.net, kuznet@ms2.inr.ac.ru,
	urs.thuermann@volkswagen.de, yoshfuji@linux-ipv6.org,
	kaber@trash.net, jmorris@namei.org,
	remi.denis-courmont@nokia.com, pekkas@netcore.fi, sri@us.ibm.com,
	vladislav.yasevich@hp.com, tj@kernel.org, lizf@cn.fujitsu.com,
	joe@perches.com, hadi@mojatatu.com, ebiederm@xmission.com,
	adobriyan@gmail.com, jpirko@redhat.com, johannes.berg@intel.com,
	daniel.lezcano@free.fr, xemul@openvz.org,
	socketcan-core@lists.berlios.de, netdev@vger.kernel.org,
	linux-sctp@vger.kernel.org, torvalds@linux-foundation.org
Subject: Re: [PATCH 4/10] Fix leaking of kernel heap addresses in net/
Date: Fri, 12 Nov 2010 12:24:42 -0500	[thread overview]
Message-ID: <1289582682.3090.323.camel@Dan> (raw)
In-Reply-To: <20101112083315.096dfaa3@nehalam>

> 
> Also, the whole idea needs to be under a config option, so only
> the paranoid idiots turn it on.

If that's what's necessary to get it accepted, I'm willing to do that.
But when a solution does not negatively impact usability or performance
and improves security, even in a small way, why should it not be enabled
by default?  Of course it's my responsibility to first propose a
solution that is acceptable from a usability/debugging standpoint, but
assuming that can be achieved, I don't really see what the problem is.
There's a difference between being a "paranoid idiot" and wanting to
protect users from unnecessary exposure.

-Dan

next prev parent reply	other threads:[~2010-11-12 17:24 UTC|newest]

Thread overview: 35+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2010-11-12  1:07 [PATCH 4/10] Fix leaking of kernel heap addresses in net/ Dan Rosenberg
2010-11-12  1:07 ` Dan Rosenberg
2010-11-12  1:10 ` David Miller
2010-11-12  1:10   ` David Miller
2010-11-12  1:20   ` Dan Rosenberg
2010-11-12  1:20     ` Dan Rosenberg
2010-11-12  2:02     ` David Miller
2010-11-12  2:02       ` David Miller
2010-11-12  2:15 ` Dan Rosenberg
2010-11-12  2:15   ` Dan Rosenberg
     [not found]   ` <2129857903-1289528127-cardhu_decombobulator_blackberry.rim.net-1506931048--JnVBb1XAImjjL2gL5RxOEzYg3SYOavFBmZ6FRVpaDsI@public.gmane.org>
2010-11-12  2:29     ` David Miller
2010-11-12  2:29       ` David Miller
2010-11-12  2:34       ` Dan Rosenberg
2010-11-12  2:34         ` Dan Rosenberg
2010-11-12  2:49         ` David Miller
2010-11-12  2:49           ` David Miller
2010-11-12  2:51           ` Dan Rosenberg
2010-11-12  2:51             ` Dan Rosenberg
2010-11-12  2:59             ` David Miller
2010-11-12  2:59               ` David Miller
2010-11-12  7:23         ` Eric Dumazet
2010-11-12  7:23           ` Eric Dumazet
2010-11-12 12:37           ` Dan Rosenberg
2010-11-12 12:37             ` Dan Rosenberg
2010-11-12 16:33           ` Stephen Hemminger
2010-11-12 16:33             ` Stephen Hemminger
2010-11-12 17:24             ` Dan Rosenberg [this message]
2010-11-12 17:24               ` Dan Rosenberg
2010-11-12 18:33               ` Stephen Hemminger
2010-11-12 18:33                 ` Stephen Hemminger
2010-11-12 20:18             ` Alexey Dobriyan
2010-11-12 20:37               ` David Miller
2010-11-12 22:40                 ` Alexey Dobriyan
2010-11-12 22:46                   ` David Miller
     [not found] <1289673008.3090.350.camel@Dan>
2010-11-13 18:42 ` Dan Rosenberg

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1289582682.3090.323.camel@Dan \
    --to=drosenberg@vsecurity.com \
    --cc=adobriyan@gmail.com \
    --cc=daniel.lezcano@free.fr \
    --cc=davem@davemloft.net \
    --cc=ebiederm@xmission.com \
    --cc=eric.dumazet@gmail.com \
    --cc=hadi@mojatatu.com \
    --cc=jmorris@namei.org \
    --cc=joe@perches.com \
    --cc=johannes.berg@intel.com \
    --cc=jpirko@redhat.com \
    --cc=kaber@trash.net \
    --cc=kuznet@ms2.inr.ac.ru \
    --cc=linux-sctp@vger.kernel.org \
    --cc=lizf@cn.fujitsu.com \
    --cc=netdev@vger.kernel.org \
    --cc=pekkas@netcore.fi \
    --cc=remi.denis-courmont@nokia.com \
    --cc=shemminger@vyatta.com \
    --cc=socketcan-core@lists.berlios.de \
    --cc=socketcan@hartkopp.net \
    --cc=sri@us.ibm.com \
    --cc=tj@kernel.org \
    --cc=torvalds@linux-foundation.org \
    --cc=urs.thuermann@volkswagen.de \
    --cc=vladislav.yasevich@hp.com \
    --cc=xemul@openvz.org \
    --cc=yoshfuji@linux-ipv6.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.