From: Pavel Machek <pavel@suse.cz>
To: Mimi Zohar <zohar@us.ibm.com>
Cc: Christoph Hellwig <hch@infradead.org>,
akpm@osdl.org, kjhall@linux.vnet.ibm.com,
linux-kernel@vger.kernel.org, safford@watson.ibm.com
Subject: Re: mprotect abuse in slim
Date: Thu, 11 Jan 2007 14:35:37 +0000
Message-ID: <20070111143537.GB6843@ucw.cz>
In-Reply-To: <OFE2C5A2DE.3ADDD896-ON8525725D.007C0671-8525725D.007D2BA9@us.ibm.com>

Hi!

> SLIM implements dynamic process labels, so when a process
> is demoted, we must be able to revoke write access to some
> resources to which it has previously valid handles.
> For example, if a shell reads an untrusted file, the
> shell is demoted, and write access to more trusted files
> revoked. Based on previous comments on lkml, we understand
> that this is not really possible in general, so SLIM only
> attempts to revoke access in certain simple cases.

Are you saying that SLIM is useless by design because interested
parties can work around it?

Pavel
--
Thanks for all the (sleeping) penguins.