Re: [2.6 patch] remove the Root Plug Support sample module

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Adrian Bunk <bunk@stusta.de>
To: Greg KH <gregkh@suse.de>
Cc: chrisw@sous-sol.org, linux-security-module@vger.kernel.org,
	linux-kernel@vger.kernel.org
Subject: Re: [2.6 patch] remove the Root Plug Support sample module
Date: Sat, 22 Apr 2006 10:57:37 +0200	[thread overview]
Message-ID: <20060422085737.GL19754@stusta.de> (raw)
In-Reply-To: <20060421202918.GB32119@suse.de>

On Fri, Apr 21, 2006 at 01:29:18PM -0700, Greg KH wrote:
>...
> So, I'd like to keep this in the tree, for as long as the LSM interface
> sticks around, if possible.  It's not hurting anything, and it does work
> for users, and is a good example starting point for people wanting to
> use the LSM interface.
> 
> Unless there are any known security problems with it?  If so, please let
> me know.

Using USB Vendor ID/USB Product ID for identifying an USB device doesn't 
seem to bring real security since:
- every other device of the same type works as well
- using an arbitrary USB device with a manipulated
  USB Vendor ID/USB Product ID seems quite possible

It might work as an example, but if people think it would bring them 
real security that's a dangerous misunderstanding.

> thanks,
> 
> greg k-h

cu
Adrian

-- 

       "Is there not promise of rain?" Ling Tan asked suddenly out
        of the darkness. There had been need of rain for many days.
       "Only a promise," Lao Er said.
                                       Pearl S. Buck - Dragon Seed

next prev parent reply	other threads:[~2006-04-22 17:18 UTC|newest]

Thread overview: 6+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2006-04-21 20:19 [2.6 patch] remove the Root Plug Support sample module Adrian Bunk
2006-04-21 20:22 ` Chris Wright
2006-04-21 20:29 ` Greg KH
2006-04-22  8:57   ` Adrian Bunk [this message]
2006-04-22 21:36     ` Greg KH
2006-04-22 21:50     ` Tony Jones

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20060422085737.GL19754@stusta.de \
    --to=bunk@stusta.de \
    --cc=chrisw@sous-sol.org \
    --cc=gregkh@suse.de \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-security-module@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.