| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 23 Aug 2006 15:20:03 -0700 From: Kylene Jo Hall <kjhall@...ibm.com> To: Benjamin LaHaise <bcrl@...ck.org> Cc: linux-kernel <linux-kernel@...r.kernel.org>, LSM ML <linux-security-module@...r.kernel.org>, Dave Safford <safford@...ibm.com>, Mimi Zohar <zohar@...ibm.com>, Serge Hallyn <sergeh@...ibm.com> Subject: Re: [PATCH 3/7] SLIM main patch On Wed, 2006-08-23 at 16:41 -0400, Benjamin LaHaise wrote: > On Wed, Aug 23, 2006 at 01:35:56PM -0700, Kylene Jo Hall wrote: > > Example: The current process is running at the USER level and writing to > > a USER file in /home/user/. The process then attempts to read an > > UNTRUSTED file. The current process will become UNTRUSTED and the read > > allowed to proceed but first write access to all USER files is revoked > > including the ones it has open. > > Don't threads share file tables? What is preventing malicious code from > starting another thread which continues writing to the file that the > revoke attempt is made on? Well if they do share file tables then revoking write access from the file in the file table will revoke access for all threads. It looks like sharing or copying the file table is based on a flag to the clone call and we are looking into whether you could exploit that situation. Thanks, Kylie > > -ben - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists