From: Ingo Molnar <mingo@elte.hu>
To: Andrew Morton <akpm@linux-foundation.org>
Cc: Kees Cook <keescook@chromium.org>,
	linux-kernel@vger.kernel.org,
	Alexander Viro <viro@zeniv.linux.org.uk>,
	Rik van Riel <riel@redhat.com>,
	Federica Teodori <federica.teodori@googlemail.com>,
	Lucian Adrian Grijincu <lucian.grijincu@gmail.com>,
	Peter Zijlstra <a.p.zijlstra@chello.nl>,
	Eric Paris <eparis@redhat.com>,
	Randy Dunlap <rdunlap@xenotime.net>,
	Dan Rosenberg <drosenberg@vsecurity.com>,
	linux-doc@vger.kernel.org, linux-fsdevel@vger.kernel.org,
	kernel-hardening@lists.openwall.com
Subject: [kernel-hardening] Re: [PATCH v2012.1] fs: symlink restrictions on sticky directories
Date: Fri, 6 Jan 2012 11:05:20 +0100
Message-ID: <20120106100520.GA7962@elte.hu>
In-Reply-To: <20120106015808.1655d1c9.akpm@linux-foundation.org>


* Andrew Morton <akpm@linux-foundation.org> wrote:

> Maybe true for a general purpose computer, but someone who is 
> making a single-purpose device such as a digital TV or a wifi 
> router won't want it.

That's the case for 99% of the features and semantics we have: 
by definition a single-purpose device uses only a small sub-set 
of an infinite purpose OS, right?

Still we only modularize semantics out if they easily fit into 
some existing plug-in/module concept, if the feature is arguably 
oddball that a sizable portion of people want to disable, or if 
it makes notable sense for size reasons. To me it looked 
distinctly silly to complicate things for such a small piece of 
code.

I doubt Kees would mind modularizing it, but it would be nice to 
get VFS maintainer feedback in the:

   { 'you are crazy, over my dead body' ... 'cool, merge it' }

continuous spectrum of possible answers.

Thanks,

	Ingo
