From: Oleg Nesterov <oleg@redhat.com>
To: Kees Cook <keescook@chromium.org>
Cc: Andrew Morton <akpm@linux-foundation.org>,
"security@kernel.org" <security@kernel.org>,
"Eric W. Biederman" <ebiederm@xmission.com>,
Vasily Kulikov <segoon@openwall.com>,
Petr Matousek <pmatouse@redhat.com>,
LKML <linux-kernel@vger.kernel.org>,
linux-arch@vger.kernel.org,
Alex Kelly <alex.page.kelly@gmail.com>,
Josh Triplett <josh@joshtriplett.org>
Subject: Re: [PATCH 2/3] kill MMF_DUMPABLE and MMF_DUMP_SECURELY
Date: Mon, 18 Nov 2013 20:37:52 +0100 [thread overview]
Message-ID: <20131118193752.GA15948@redhat.com> (raw)
In-Reply-To: <CAGXu5jKRvLqWkOF=3qoQ1ZdaKNLai_kai4Png5Ls3X1WAtdzJA@mail.gmail.com>
On 11/18, Kees Cook wrote:
>
> On Mon, Nov 18, 2013 at 11:16 AM, Oleg Nesterov <oleg@redhat.com> wrote:
> >
> > And I don't really like the "silently ignore" logic, so perhaps
> >
> > if (WARN_ON(value > SUID_DUMP_ROOT))
> > return;
>
> Ah, good point about == 4. Yeah, I like the WARN_ON. No reason not to
> be defensive as long as this code is getting changed.
OK. I'll send v2 tomorrow.
And I just noticed I forgot to remove security@kernel.org, sorry for
unnecessary noise.
Oleg.
next prev parent reply other threads:[~2013-11-18 19:36 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <20131101232521.GA23119@www.outflux.net>
[not found] ` <20131114170337.GA11068@redhat.com>
[not found] ` <CAGXu5jLXpLqjCAMFwKp7t7GpMq4+WBqNzSFC=up+CBvgGDuFCw@mail.gmail.com>
[not found] ` <20131115203652.GA13476@redhat.com>
[not found] ` <CAGXu5j+=LZYAczLVawGPAxd=9VX1FupWZq+2858GsrD1YprL3w@mail.gmail.com>
2013-11-16 19:00 ` [PATCH 0/3] get/set_dumpable() cleanups and theoretical fix Oleg Nesterov
2013-11-16 19:01 ` [PATCH 1/3] set_dumpable: fix the theoretical race with itself Oleg Nesterov
2013-11-18 16:36 ` Kees Cook
2013-11-16 19:01 ` [PATCH 2/3] kill MMF_DUMPABLE and MMF_DUMP_SECURELY Oleg Nesterov
2013-11-18 18:38 ` Kees Cook
2013-11-18 19:16 ` Oleg Nesterov
2013-11-18 19:27 ` Kees Cook
2013-11-18 19:37 ` Oleg Nesterov [this message]
2013-11-16 19:02 ` [PATCH 3/3] make __get_dumpable/get_dumpable inline, kill fs/coredump.h Oleg Nesterov
2013-11-18 18:39 ` Kees Cook
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20131118193752.GA15948@redhat.com \
--to=oleg@redhat.com \
--cc=akpm@linux-foundation.org \
--cc=alex.page.kelly@gmail.com \
--cc=ebiederm@xmission.com \
--cc=josh@joshtriplett.org \
--cc=keescook@chromium.org \
--cc=linux-arch@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=pmatouse@redhat.com \
--cc=security@kernel.org \
--cc=segoon@openwall.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.