diff for duplicates of <20180925183953.GI15710@uranus> diff --git a/a/1.txt b/N1/1.txt index bd8a43d..6cc1535 100644 --- a/a/1.txt +++ b/N1/1.txt @@ -6,7 +6,7 @@ On Tue, Sep 25, 2018 at 01:27:08PM -0400, Tong Zhang wrote: > When using prctl(PR_SET_NAME) to set the thread name, it is checked by security_task_prctl. > > We discovered a leaking path that can also use method implemented in -> fs/proc/base.c:1526 comm_write(), to do similar thing without asking LSM?s decision. +> fs/proc/base.c:1526 comm_write(), to do similar thing without asking LSM’s decision. I don't understand how it is a problem. Could you please explain? procfs/comm is created with S_IRUGO|S_IWUSR permissions. So diff --git a/a/content_digest b/N1/content_digest index 4006c5a..9d75ba2 100644 --- a/a/content_digest +++ b/N1/content_digest @@ -1,8 +1,15 @@ "ref\0F7DFF547-5267-4EF3-8BF3-70DAF6C2A53A@vt.edu\0" - "From\0gorcunov@gmail.com (Cyrill Gorcunov)\0" - "Subject\0Leaking path for set_task_comm\0" + "From\0Cyrill Gorcunov <gorcunov@gmail.com>\0" + "Subject\0Re: Leaking path for set_task_comm\0" "Date\0Tue, 25 Sep 2018 21:39:53 +0300\0" - "To\0linux-security-module@vger.kernel.org\0" + "To\0Tong Zhang <ztong@vt.edu>\0" + "Cc\0adobriyan@gmail.com" + akpm@linux-foundation.org + viro@zeniv.linux.org.uk + linux-kernel@vger.kernel.org + linux-fsdevel@vger.kernel.org + linux-security-module@vger.kernel.org + " wenbo.s@samsung.com\0" "\00:1\0" "b\0" "On Tue, Sep 25, 2018 at 01:27:08PM -0400, Tong Zhang wrote:\n" @@ -13,10 +20,10 @@ "> When using prctl(PR_SET_NAME) to set the thread name, it is checked by security_task_prctl.\n" "> \n" "> We discovered a leaking path that can also use method implemented in \n" - "> fs/proc/base.c:1526 comm_write(), to do similar thing without asking LSM?s decision.\n" + "> fs/proc/base.c:1526 comm_write(), to do similar thing without asking LSM\342\200\231s decision.\n" "\n" "I don't understand how it is a problem. Could you please explain?\n" "procfs/comm is created with S_IRUGO|S_IWUSR permissions. So\n" prctl and procfs are simply different interfaces. -edf746f1fbaaf80bbdd3d5c0c9b610f545b192c2e56534aa200d9948ce3cbc44 +de256be21e9b67c82fc6b1bc348794b5520066041a650d032df85763cc5b5fcc
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.