diff for duplicates of <20110919144657.GA5928@albatros> diff --git a/a/1.txt b/N1/1.txt index d2cf2b2..dbb9e32 100644 --- a/a/1.txt +++ b/N1/1.txt @@ -4,15 +4,15 @@ On Mon, Sep 19, 2011 at 17:30 +0300, Pekka Enberg wrote: > > On Wed, Sep 14, 2011 at 12:27 -0700, Kees Cook wrote: > >> On Sat, Sep 10, 2011 at 08:41:34PM +0400, Vasiliy Kulikov wrote: > >> > Historically /proc/slabinfo has 0444 permissions and is accessible to -> >> > the world. slabinfo contains rather private information related both to -> >> > the kernel and userspace tasks. Depending on the situation, it might +> >> > the world. slabinfo contains rather private information related both to +> >> > the kernel and userspace tasks. Depending on the situation, it might > >> > reveal either private information per se or information useful to make -> >> > another targeted attack. Some examples of what can be learned by +> >> > another targeted attack. Some examples of what can be learned by > >> > reading/watching for /proc/slabinfo entries: > >> > ... > >> > World readable slabinfo simplifies kernel developers' job of debugging > >> > kernel bugs (e.g. memleaks), but I believe it does more harm than -> >> > benefits. For most users 0444 slabinfo is an unreasonable attack vector. +> >> > benefits. For most users 0444 slabinfo is an unreasonable attack vector. > >> > > >> > Signed-off-by: Vasiliy Kulikov <segoon@openwall.com> > @@ -23,7 +23,7 @@ On Mon, Sep 19, 2011 at 17:30 +0300, Pekka Enberg wrote: > >> Reviewed-by: Kees Cook <kees@ubuntu.com> > > > > Looks like the members of the previous slabinfo discussion don't object -> > against the patch now and it got two other Reviewed-by responses. Can +> > against the patch now and it got two other Reviewed-by responses. Can > > you merge it as-is or should I probably convince someone else? > > We discussed this in March (google for 'Make /proc/slabinfo 0400') @@ -50,3 +50,10 @@ Thanks, -- Vasiliy Kulikov http://www.openwall.com - bringing security into open computing environments + +-- +To unsubscribe, send a message with 'unsubscribe linux-mm' in +the body to majordomo@kvack.org. For more info on Linux MM, +see: http://www.linux-mm.org/ . +Fight unfair telecom internet charges in Canada: sign http://stopthemeter.ca/ +Don't email: <a href=mailto:"dont@kvack.org"> email@kvack.org </a> diff --git a/a/content_digest b/N1/content_digest index 163bb2e..8c33aab 100644 --- a/a/content_digest +++ b/N1/content_digest @@ -29,15 +29,15 @@ "> > On Wed, Sep 14, 2011 at 12:27 -0700, Kees Cook wrote:\n" "> >> On Sat, Sep 10, 2011 at 08:41:34PM +0400, Vasiliy Kulikov wrote:\n" "> >> > Historically /proc/slabinfo has 0444 permissions and is accessible to\n" - "> >> > the world. \302\240slabinfo contains rather private information related both to\n" - "> >> > the kernel and userspace tasks. \302\240Depending on the situation, it might\n" + "> >> > the world. slabinfo contains rather private information related both to\n" + "> >> > the kernel and userspace tasks. Depending on the situation, it might\n" "> >> > reveal either private information per se or information useful to make\n" - "> >> > another targeted attack. \302\240Some examples of what can be learned by\n" + "> >> > another targeted attack. Some examples of what can be learned by\n" "> >> > reading/watching for /proc/slabinfo entries:\n" "> >> > ...\n" "> >> > World readable slabinfo simplifies kernel developers' job of debugging\n" "> >> > kernel bugs (e.g. memleaks), but I believe it does more harm than\n" - "> >> > benefits. \302\240For most users 0444 slabinfo is an unreasonable attack vector.\n" + "> >> > benefits. For most users 0444 slabinfo is an unreasonable attack vector.\n" "> >> >\n" "> >> > Signed-off-by: Vasiliy Kulikov <segoon@openwall.com>\n" "> \n" @@ -48,7 +48,7 @@ "> >> Reviewed-by: Kees Cook <kees@ubuntu.com>\n" "> >\n" "> > Looks like the members of the previous slabinfo discussion don't object\n" - "> > against the patch now and it got two other Reviewed-by responses. \302\240Can\n" + "> > against the patch now and it got two other Reviewed-by responses. Can\n" "> > you merge it as-is or should I probably convince someone else?\n" "> \n" "> We discussed this in March (google for 'Make /proc/slabinfo 0400')\n" @@ -74,6 +74,13 @@ "\n" "-- \n" "Vasiliy Kulikov\n" - http://www.openwall.com - bringing security into open computing environments + "http://www.openwall.com - bringing security into open computing environments\n" + "\n" + "--\n" + "To unsubscribe, send a message with 'unsubscribe linux-mm' in\n" + "the body to majordomo@kvack.org. For more info on Linux MM,\n" + "see: http://www.linux-mm.org/ .\n" + "Fight unfair telecom internet charges in Canada: sign http://stopthemeter.ca/\n" + "Don't email: <a href=mailto:\"dont@kvack.org\"> email@kvack.org </a>" -d3d4d5fac294b961e3f050ad1ffdbfefe9d452cacf7e548595bf4f4b6942d963 +aeade1de45cfca8f6f90c3bb4d897b5a04d071673e054413fa872b66ad0fd438
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.