From: ebiederm@xmission.com (Eric W. Biederman)
To: Djalal Harouni <tixxdz@opendz.org>
Cc: Kees Cook <keescook@chromium.org>,
Al Viro <viro@zeniv.linux.org.uk>,
Andrew Morton <akpm@linux-foundation.org>,
Solar Designer <solar@openwall.com>,
Vasiliy Kulikov <segoon@openwall.com>,
Linus Torvalds <torvalds@linux-foundation.org>,
Ingo Molnar <mingo@kernel.org>,
LKML <linux-kernel@vger.kernel.org>,
"kernel-hardening@lists.openwall.com"
<kernel-hardening@lists.openwall.com>
Subject: [kernel-hardening] Re: [PATCH 1/2] procfs: restore 0400 permissions on /proc/*/{syscall,stack,personality}
Date: Wed, 28 Aug 2013 17:26:56 -0700 [thread overview]
Message-ID: <87sixt735b.fsf@xmission.com> (raw)
In-Reply-To: <20130828211116.GA22184@dztty> (Djalal Harouni's message of "Wed, 28 Aug 2013 22:11:17 +0100")
I have take a moment and read this thread, and have been completely
unenlightend. People are upset but it is totally unclear why.
There is no explanation why it is ok to ignore the suid-exec case, as
the posted patches do. Which ultimately means the patches provide
little to no security benefit, and that the posted patches as written
are broken.
There is no clear explanation of what people are worried about.
References to other threads and other commits do not help.
Can someome please state what they are worried about in simple language
step by step?
I see absolutely nothing to overturn Al's analysis that these files
simply don't need protection.
The closest I saw in the thread was people were worried about ASLR being
defeated. All I see are kernel addresses and we don't have much if any
runtime or even load time randomization of where code is located in the
kernel address map on x86_64. So I don't understand the concern.
Certainly all of the clever applications and use of suid apps appear to
be jumping around crazy hoops and to achieve what I can achieve with a
simple cat of a file.
Eric
WARNING: multiple messages have this Message-ID (diff)
From: ebiederm@xmission.com (Eric W. Biederman)
To: Djalal Harouni <tixxdz@opendz.org>
Cc: Kees Cook <keescook@chromium.org>,
Al Viro <viro@zeniv.linux.org.uk>,
Andrew Morton <akpm@linux-foundation.org>,
Solar Designer <solar@openwall.com>,
Vasiliy Kulikov <segoon@openwall.com>,
Linus Torvalds <torvalds@linux-foundation.org>,
Ingo Molnar <mingo@kernel.org>,
LKML <linux-kernel@vger.kernel.org>,
"kernel-hardening\@lists.openwall.com"
<kernel-hardening@lists.openwall.com>
Subject: Re: [PATCH 1/2] procfs: restore 0400 permissions on /proc/*/{syscall,stack,personality}
Date: Wed, 28 Aug 2013 17:26:56 -0700 [thread overview]
Message-ID: <87sixt735b.fsf@xmission.com> (raw)
In-Reply-To: <20130828211116.GA22184@dztty> (Djalal Harouni's message of "Wed, 28 Aug 2013 22:11:17 +0100")
I have take a moment and read this thread, and have been completely
unenlightend. People are upset but it is totally unclear why.
There is no explanation why it is ok to ignore the suid-exec case, as
the posted patches do. Which ultimately means the patches provide
little to no security benefit, and that the posted patches as written
are broken.
There is no clear explanation of what people are worried about.
References to other threads and other commits do not help.
Can someome please state what they are worried about in simple language
step by step?
I see absolutely nothing to overturn Al's analysis that these files
simply don't need protection.
The closest I saw in the thread was people were worried about ASLR being
defeated. All I see are kernel addresses and we don't have much if any
runtime or even load time randomization of where code is located in the
kernel address map on x86_64. So I don't understand the concern.
Certainly all of the clever applications and use of suid apps appear to
be jumping around crazy hoops and to achieve what I can achieve with a
simple cat of a file.
Eric
next prev parent reply other threads:[~2013-08-29 0:26 UTC|newest]
Thread overview: 46+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-08-26 16:23 [kernel-hardening] [PATCH 1/2] procfs: restore 0400 permissions on /proc/*/{syscall,stack,personality} Djalal Harouni
2013-08-26 16:23 ` Djalal Harouni
2013-08-26 16:24 ` [kernel-hardening] [PATCH 2/2] procfs: restore 0400 permissions on /proc/*/pagemap Djalal Harouni
2013-08-26 16:24 ` Djalal Harouni
2013-08-26 16:50 ` [kernel-hardening] " Eric W. Biederman
2013-08-26 16:50 ` Eric W. Biederman
2013-08-26 16:49 ` [kernel-hardening] Re: [PATCH 1/2] procfs: restore 0400 permissions on /proc/*/{syscall,stack,personality} Eric W. Biederman
2013-08-26 16:49 ` Eric W. Biederman
2013-08-26 17:20 ` [kernel-hardening] " Al Viro
2013-08-26 17:20 ` Al Viro
2013-08-27 17:24 ` [kernel-hardening] " Djalal Harouni
2013-08-27 17:24 ` Djalal Harouni
2013-08-28 20:11 ` [kernel-hardening] " Djalal Harouni
2013-08-28 20:11 ` Djalal Harouni
2013-08-28 20:49 ` [kernel-hardening] " Kees Cook
2013-08-28 20:49 ` Kees Cook
2013-08-28 21:11 ` [kernel-hardening] " Djalal Harouni
2013-08-28 21:11 ` Djalal Harouni
2013-08-29 0:26 ` Eric W. Biederman [this message]
2013-08-29 0:26 ` Eric W. Biederman
2013-08-29 0:30 ` [kernel-hardening] " Kees Cook
2013-08-29 0:30 ` Kees Cook
2013-08-29 1:08 ` [kernel-hardening] " Eric W. Biederman
2013-08-29 1:08 ` Eric W. Biederman
2013-08-29 3:33 ` [kernel-hardening] " Kees Cook
2013-08-29 3:33 ` Kees Cook
2013-08-29 7:42 ` [kernel-hardening] " Eric W. Biederman
2013-08-29 7:42 ` Eric W. Biederman
2013-08-29 9:11 ` [kernel-hardening] " Djalal Harouni
2013-08-29 9:11 ` Djalal Harouni
2013-08-29 22:14 ` [kernel-hardening] " Kees Cook
2013-08-29 22:14 ` Kees Cook
2013-08-31 20:26 ` [kernel-hardening] " Djalal Harouni
2013-08-31 20:26 ` Djalal Harouni
2013-09-01 1:44 ` [kernel-hardening] " Eric W. Biederman
2013-09-01 1:44 ` Eric W. Biederman
2013-09-01 15:04 ` [kernel-hardening] " Kees Cook
2013-09-01 15:04 ` Kees Cook
2013-09-12 1:23 ` [kernel-hardening] " Djalal Harouni
2013-09-12 1:23 ` Djalal Harouni
2013-10-04 0:41 ` [kernel-hardening] " Kees Cook
2013-10-04 0:41 ` Kees Cook
2013-10-04 0:53 ` [kernel-hardening] " Ryan Mallon
2013-10-04 0:53 ` Ryan Mallon
2013-08-26 20:34 ` [kernel-hardening] " Djalal Harouni
2013-08-26 20:34 ` Djalal Harouni
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87sixt735b.fsf@xmission.com \
--to=ebiederm@xmission.com \
--cc=akpm@linux-foundation.org \
--cc=keescook@chromium.org \
--cc=kernel-hardening@lists.openwall.com \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@kernel.org \
--cc=segoon@openwall.com \
--cc=solar@openwall.com \
--cc=tixxdz@opendz.org \
--cc=torvalds@linux-foundation.org \
--cc=viro@zeniv.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.