From: Hans Reiser <reiser@namesys.com>
To: Jesse Pollard <jesse@cats-chateau.net>
Cc: John Lange <john.lange@bighostbox.com>,
Linux Kernel <linux-kernel@vger.kernel.org>,
Valdis.Kletnieks@vt.edu, mcmanus@ducksong.com,
jmorris@redhat.com
Subject: Re: A new model for ports and kernel security?
Date: Mon, 06 Oct 2003 12:06:20 +0400 [thread overview]
Message-ID: <3F81227C.40900@namesys.com> (raw)
In-Reply-To: <03100208222600.20948@tabby>
Jesse Pollard wrote:
>On Wednesday 01 October 2003 20:45, John Lange wrote:
>
>
>>A few people suggested various patches which implement a similar
>>functionality to what I was suggesting and I thank them for that.
>>
>>I think this clearly demonstrates that there is a demand for such a
>>feature.
>>
>>
>
>Not really - that is why they have been external for several years.
>
>
I would hope that it is more because the grsecurity documentation
suggests it is still a work in progress. Perhaps its author might
consider dividing his work up into smaller patches for Linus to consider.
The original poster was right that restricting ports below 1024 is an
unclean hack, and a poor substitute for a better permissions model.
Unfortunately it is an unclean hack in an area where it is difficult for
society to achieve the decision needed for change.
--
Hans
next prev parent reply other threads:[~2003-10-06 8:06 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2003-10-01 19:06 A new model for ports and kernel security? John Lange
2003-10-01 19:27 ` James Morris
2003-10-02 1:45 ` John Lange
2003-10-02 13:22 ` Jesse Pollard
2003-10-02 14:30 ` John Lange
2003-10-06 8:06 ` Hans Reiser [this message]
2003-10-01 19:28 ` Valdis.Kletnieks
2003-10-01 20:10 ` Krzysztof Halasa
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=3F81227C.40900@namesys.com \
--to=reiser@namesys.com \
--cc=Valdis.Kletnieks@vt.edu \
--cc=jesse@cats-chateau.net \
--cc=jmorris@redhat.com \
--cc=john.lange@bighostbox.com \
--cc=linux-kernel@vger.kernel.org \
--cc=mcmanus@ducksong.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox