From: "Theodore Ts'o" <tytso@mit.edu>
To: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Kees Cook <kees@outflux.net>,
Nick Bowler <nbowler@elliptictech.com>,
Linux Kernel Mailing List <linux-kernel@vger.kernel.org>
Subject: Re: Linux 3.6
Date: Wed, 3 Oct 2012 16:41:41 -0400 [thread overview]
Message-ID: <20121003204141.GB6026@thunk.org> (raw)
In-Reply-To: <CA+55aFwgF1O_DzF0bqGO06n2kxNGE=f5BQsvZF_+q9o0pFPeGw@mail.gmail.com>
On Wed, Oct 03, 2012 at 01:29:15PM -0700, Linus Torvalds wrote:
> On Wed, Oct 3, 2012 at 1:05 PM, Kees Cook <kees@outflux.net> wrote:
> >
> > 3.6 introduced link restrictions:
>
> Hmm. If this causes problems for others, I suspect we need to turn it
> off by default.
>
> It's a nice security thing, but considering how quickly people started
> complaining after 3.6 was out, I suspect we'll see more of these, and
> we may not have any choice.
True, although I'm not sure we should be encouraging kernel developers
to have world-writeable directories. I suppose if it's a single-user
workstation it wouldn't matter, but you could imagine a daemon running
has "nobody" which has a stack overflow bug, and then if the user has
been careless and uses umasks so that directories in their home
directory are world writeable, well.....
Regardless of whether or not we turn this security feature off by
default, I think it's worthwhile to look at how and why did Nick's
directories become world-writeable, and whether there is so distro
default which is causing or encouraging this.
- Ted
next prev parent reply other threads:[~2012-10-03 20:41 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-10-01 0:38 Linux 3.6 Linus Torvalds
2012-10-03 19:46 ` Nick Bowler
2012-10-03 20:05 ` Kees Cook
2012-10-03 20:29 ` Linus Torvalds
2012-10-03 20:41 ` Theodore Ts'o [this message]
2012-10-03 20:49 ` Kees Cook
2012-10-03 20:54 ` Linus Torvalds
2012-10-03 20:58 ` Kees Cook
2012-10-03 21:05 ` Alan Cox
2012-10-03 21:04 ` Kees Cook
2012-10-04 13:35 ` Nick Bowler
2012-10-04 15:49 ` Kees Cook
2012-10-04 16:03 ` Nick Bowler
2012-10-04 16:14 ` Kees Cook
2012-10-04 17:16 ` Nick Bowler
2012-10-04 21:30 ` Stefan Richter
2012-10-09 18:51 ` Nick Bowler
2012-10-03 20:49 ` Alan Cox
2012-10-03 22:23 ` Matthias Schniedermeyer
2012-10-03 23:58 ` Theodore Ts'o
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20121003204141.GB6026@thunk.org \
--to=tytso@mit.edu \
--cc=kees@outflux.net \
--cc=linux-kernel@vger.kernel.org \
--cc=nbowler@elliptictech.com \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.