* [kernel-hardening] link & FIFO hardening
@ 2011-06-12 2:56 Solar Designer
0 siblings, 0 replies; only message in thread
From: Solar Designer @ 2011-06-12 2:56 UTC (permalink / raw)
To: kernel-hardening
Vasiliy, Kees -
Vasiliy - in your "overview of grsecurity and -ow patches":
http://www.openwall.com/lists/owl-dev/2011/04/23/1
you wrote:
> GRKERNSEC_LINK [+]
> GRKERNSEC_FIFO [+]
> GRKERNSEC_HARDEN_PTRACE [+]
>
> There is YAMA LSM for mainline, implementing these features. It is not
> yet applied, but Kees Cook does his best to push it. For RHEL6/OpenVZ
> YAMA should be OK (with Ubuntu's forcing scheme), with minor
> synchorization changes.
What's the status on this (for mainline)? I regard the link (both
symlink and hard link) and FIFO restrictions as a priority, compared to
some other things we'll be working on. (In general, I want us to have a
full set of whatever was in 2.4.x-ow merged sooner rather than later.)
Thanks,
Alexander
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2011-06-12 2:56 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2011-06-12 2:56 [kernel-hardening] link & FIFO hardening Solar Designer
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox