From: Matthew Wilcox <matthew@wil.cx>
To: Kees Cook <keescook@chromium.org>
Cc: Andrew Morton <akpm@linux-foundation.org>,
linux-kernel@vger.kernel.org,
Alexander Viro <viro@zeniv.linux.org.uk>,
Rik van Riel <riel@redhat.com>,
Federica Teodori <federica.teodori@googlemail.com>,
Lucian Adrian Grijincu <lucian.grijincu@gmail.com>,
Ingo Molnar <mingo@elte.hu>,
Peter Zijlstra <a.p.zijlstra@chello.nl>,
Eric Paris <eparis@redhat.com>,
Randy Dunlap <rdunlap@xenotime.net>,
Dan Rosenberg <drosenberg@vsecurity.com>,
linux-doc@vger.kernel.org, linux-fsdevel@vger.kernel.org,
kernel-hardening@lists.openwall.com
Subject: [kernel-hardening] Re: [PATCH v2012.2] fs: symlink restrictions on sticky directories
Date: Sun, 8 Jan 2012 04:44:07 -0700 [thread overview]
Message-ID: <20120108114407.GA22056@parisc-linux.org> (raw)
In-Reply-To: <20120107185548.GA30748@outflux.net>
On Sat, Jan 07, 2012 at 10:55:48AM -0800, Kees Cook wrote:
> v2012.2:
> - Change sysctl mode to 0600, suggested by Ingo Molnar.
> - Rework CONFIG logic to split code from default behavior.
> - Renamed sysctl to have a "sysctl_" prefix, suggested by Andrew Morton.
All the sysctl / CONFIG logic seems very complex. Why not make it
a module parameter instead? It can be easily changed at boot time
(specify kernel.insecure_symlinks=1 on the kernel command line) and,
with a mode of 0600, can be modified at runtime too.
--
Matthew Wilcox Intel Open Source Technology Centre
"Bill, look, we understand that you're interested in selling us this
operating system, but compare it to ours. We can't possibly take such
a retrograde step."
WARNING: multiple messages have this Message-ID (diff)
From: Matthew Wilcox <matthew@wil.cx>
To: Kees Cook <keescook@chromium.org>
Cc: Andrew Morton <akpm@linux-foundation.org>,
linux-kernel@vger.kernel.org,
Alexander Viro <viro@zeniv.linux.org.uk>,
Rik van Riel <riel@redhat.com>,
Federica Teodori <federica.teodori@googlemail.com>,
Lucian Adrian Grijincu <lucian.grijincu@gmail.com>,
Ingo Molnar <mingo@elte.hu>,
Peter Zijlstra <a.p.zijlstra@chello.nl>,
Eric Paris <eparis@redhat.com>,
Randy Dunlap <rdunlap@xenotime.net>,
Dan Rosenberg <drosenberg@vsecurity.com>,
linux-doc@vger.kernel.org, linux-fsdevel@vger.kernel.org,
kernel-hardening@lists.openwall.com
Subject: Re: [PATCH v2012.2] fs: symlink restrictions on sticky directories
Date: Sun, 8 Jan 2012 04:44:07 -0700 [thread overview]
Message-ID: <20120108114407.GA22056@parisc-linux.org> (raw)
In-Reply-To: <20120107185548.GA30748@outflux.net>
On Sat, Jan 07, 2012 at 10:55:48AM -0800, Kees Cook wrote:
> v2012.2:
> - Change sysctl mode to 0600, suggested by Ingo Molnar.
> - Rework CONFIG logic to split code from default behavior.
> - Renamed sysctl to have a "sysctl_" prefix, suggested by Andrew Morton.
All the sysctl / CONFIG logic seems very complex. Why not make it
a module parameter instead? It can be easily changed at boot time
(specify kernel.insecure_symlinks=1 on the kernel command line) and,
with a mode of 0600, can be modified at runtime too.
--
Matthew Wilcox Intel Open Source Technology Centre
"Bill, look, we understand that you're interested in selling us this
operating system, but compare it to ours. We can't possibly take such
a retrograde step."
next prev parent reply other threads:[~2012-01-08 11:44 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-01-07 18:55 [kernel-hardening] [PATCH v2012.2] fs: symlink restrictions on sticky directories Kees Cook
2012-01-07 18:55 ` Kees Cook
2012-01-08 11:44 ` Matthew Wilcox [this message]
2012-01-08 11:44 ` Matthew Wilcox
2012-01-08 17:53 ` [kernel-hardening] " Kees Cook
2012-01-08 17:53 ` Kees Cook
2012-01-08 17:53 ` Kees Cook
2012-02-17 23:24 ` [kernel-hardening] " Andrew Morton
2012-02-17 23:24 ` Andrew Morton
2012-02-17 23:36 ` [kernel-hardening] " Kees Cook
2012-02-17 23:36 ` Kees Cook
2012-02-17 23:42 ` [kernel-hardening] " Andrew Morton
2012-02-17 23:42 ` Andrew Morton
2012-02-18 1:09 ` [kernel-hardening] " Kees Cook
2012-02-18 1:09 ` Kees Cook
2012-02-19 12:31 ` [kernel-hardening] " Ingo Molnar
2012-02-19 12:31 ` Ingo Molnar
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20120108114407.GA22056@parisc-linux.org \
--to=matthew@wil.cx \
--cc=a.p.zijlstra@chello.nl \
--cc=akpm@linux-foundation.org \
--cc=drosenberg@vsecurity.com \
--cc=eparis@redhat.com \
--cc=federica.teodori@googlemail.com \
--cc=keescook@chromium.org \
--cc=kernel-hardening@lists.openwall.com \
--cc=linux-doc@vger.kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=lucian.grijincu@gmail.com \
--cc=mingo@elte.hu \
--cc=rdunlap@xenotime.net \
--cc=riel@redhat.com \
--cc=viro@zeniv.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.