From: Rik van Riel <riel@redhat.com>
To: Davide Libenzi <davidel@xmailserver.org>
Cc: Ulrich Drepper <drepper@gmail.com>,
Andy Isaacson <adi@hexapodia.org>,
Kyle Moffett <mrmacman_g4@mac.com>,
Linux Kernel Mailing List <linux-kernel@vger.kernel.org>
Subject: Re: [patch 0/4] MAP_NOZERO v2 - VM_NOZERO/MAP_NOZERO early summer madness
Date: Mon, 02 Jul 2007 18:55:40 -0400 [thread overview]
Message-ID: <4689826C.5050800@redhat.com> (raw)
In-Reply-To: <Pine.LNX.4.64.0707021540560.14774@alien.or.mcafeemobile.com>
Davide Libenzi wrote:
> On Mon, 2 Jul 2007, Ulrich Drepper wrote:
>
>> On 7/2/07, Rik van Riel <riel@redhat.com> wrote:
>>> That should not happen. The default SELinux configuration
>>> in Fedora (and Debian?) runs a few daemons in their own
>>> restricted modes and has most of the system running in
>>> unconfined_t, including the majority of user programs.
>> This is the state as of F7. This will change hopefully soon.
>> Programs like firefox run by normal users must be confined, to. Any
>> tests using security must be fast, it's not something which is done
>> only for a few apps.
>
> The strong requirement would be that the cookie is not a bit longer than
> sizeof(unsigned long).
You could easily replace the cookie with a pointer to a free
page pool.
--
Politics is the struggle between those who want to make their country
the best in the world, and those who believe it already is. Each group
calls the other unpatriotic.
next prev parent reply other threads:[~2007-07-02 22:56 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-06-28 18:49 [patch 0/4] MAP_NOZERO v2 - VM_NOZERO/MAP_NOZERO early summer madness Davide Libenzi
2007-06-29 2:57 ` Kyle Moffett
2007-06-29 3:04 ` Rik van Riel
2007-06-29 5:09 ` Ulrich Drepper
2007-06-29 5:20 ` Davide Libenzi
2007-06-29 19:39 ` Andy Isaacson
2007-06-29 20:12 ` Davide Libenzi
2007-06-29 23:48 ` Kyle Moffett
2007-06-30 19:03 ` Davide Libenzi
2007-06-30 23:46 ` Kyle Moffett
2007-06-30 23:57 ` Davide Libenzi
2007-07-01 0:21 ` Kyle Moffett
2007-07-01 4:25 ` Davide Libenzi
2007-07-02 19:00 ` Andy Isaacson
2007-07-02 19:03 ` Rik van Riel
2007-07-02 19:06 ` Ulrich Drepper
2007-07-02 22:46 ` Davide Libenzi
2007-07-02 22:55 ` Rik van Riel [this message]
2007-07-02 23:46 ` Davide Libenzi
2007-07-04 21:53 ` Andy Isaacson
2007-07-04 23:42 ` Davide Libenzi
2007-07-02 18:38 ` Andy Isaacson
2007-07-02 22:38 ` Davide Libenzi
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4689826C.5050800@redhat.com \
--to=riel@redhat.com \
--cc=adi@hexapodia.org \
--cc=davidel@xmailserver.org \
--cc=drepper@gmail.com \
--cc=linux-kernel@vger.kernel.org \
--cc=mrmacman_g4@mac.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox