| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 8 Jun 2011 23:38:45 -0400 From: Andrew Lutomirski <luto@....edu> To: Darren Hart <dvhart@...ux.intel.com> Cc: George Spelvin <linux@...izon.com>, david@...advisors.com, kyle@...fetthome.net, linux-kernel@...r.kernel.org Subject: Re: Change in functionality of futex() system call. On Wed, Jun 8, 2011 at 11:02 PM, Darren Hart <dvhart@...ux.intel.com> wrote: > On 06/08/2011 05:44 PM, George Spelvin wrote: >> I'm not sure if it's best, but the risk of RO waiters interfering could >> be solved by giving them a lower prioirty for wakeup and always waking >> RW-mapped waiters first. > > This strikes me as bending over backwards and jumping through hoops > inside the kernel to avoid having to do proper permissions management in > userspace. Huh? I still don't understand why userspace ought to need to deny read access to a file to prevent DoS. I think it's entirely reasonable for userspace to make the assumption that users with read access cannot make changes visible to writers unless explicitly documented (i.e. file locking, which is so thoroughly broken that it shouldn't be taken as an example of how to design anything). Given that current kernels make this use safe and the proposal is to make it unsafe, I think it's worth designing the interface to avoid introducing new security problems. --Andy -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists