| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 26 Oct 2006 11:54:45 +0100 From: Alan Cox <alan@...rguk.ukuu.org.uk> To: Al Viro <viro@....linux.org.uk> Cc: David Howells <dhowells@...hat.com>, sds@...ho.nsa.gov, jmorris@...ei.org, chrisw@...s-sol.org, selinux@...ho.nsa.gov, linux-kernel@...r.kernel.org, aviro@...hat.com Subject: Re: Security issues with local filesystem caching Ar Iau, 2006-10-26 am 01:32 +0100, ysgrifennodd Al Viro: > to. What about access to cache tree by root process that has nothing > to do with that daemon? Should it get free access to that stuff, regardless > of what policy might say about access to cached files? Or should we at > least try to make sure that we have the instances in cache no more permissive > than originals on NFS? This is already the case however. Root has ptrace, people have /proc access (even more than before because the chroot check was broken recently), root has CAP_SYS_RAWIO. - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists