| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 5 Jun 2018 06:43:31 -0700
From: Kees Cook <keescook@...omium.org>
To: "Serge E. Hallyn" <serge@...lyn.com>
Cc: Mimi Zohar <zohar@...ux.vnet.ibm.com>,
Casey Schaufler <casey@...aufler-ca.com>,
Paul Moore <paul@...l-moore.com>,
linux-integrity <linux-integrity@...r.kernel.org>,
linux-security-module <linux-security-module@...r.kernel.org>,
LKML <linux-kernel@...r.kernel.org>,
David Howells <dhowells@...hat.com>,
"Luis R . Rodriguez" <mcgrof@...nel.org>,
Eric Biederman <ebiederm@...ssion.com>,
Kexec Mailing List <kexec@...ts.infradead.org>,
Andres Rodriguez <andresx7@...il.com>,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
Ard Biesheuvel <ard.biesheuvel@...aro.org>,
Jessica Yu <jeyu@...nel.org>, James Morris <jmorris@...ei.org>
Subject: Re: [PATCH v4 0/8] kexec/firmware: support system wide policy
requiring signatures
On Tue, Jun 5, 2018 at 6:25 AM, Serge E. Hallyn <serge@...lyn.com> wrote:
> Quoting Kees Cook (keescook@...omium.org):
>> On Mon, Jun 4, 2018 at 9:09 PM, Serge E. Hallyn <serge@...lyn.com> wrote:
>> > Personally I agree with Eric and prefer a new hook. I don't feel strongly
>> > enough about it to keep bikeshedding, but since this set already exists,
>> > it seems like the way to go.
>>
>> And the new hook is "load stuff without a file descriptor"?
>
> Yes. Load stuff based on my own credentials not those attached
> to a file.
Okay, I can live with that. :)
--
Kees Cook
Pixel Security
Powered by blists - more mailing lists