| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20070125001253.75f899d6.akpm@osdl.org> Date: Thu, 25 Jan 2007 00:12:53 -0800 From: Andrew Morton <akpm@...l.org> To: "Serge E. Hallyn" <serue@...ibm.com> Cc: "Eric W. Biederman" <ebiederm@...ssion.com>, lkml <linux-kernel@...r.kernel.org>, containers@...ts.osdl.org Subject: Re: [PATCH 7/8] user ns: handle file sigio On Wed, 24 Jan 2007 12:58:45 -0600 "Serge E. Hallyn" <serue@...ibm.com> wrote: > > If we need to I can see doing something special if the process setting > > fown has CAP_KILL > > Obviously CAP_KILL is insufficient :) I assume you mean a new > CAP_XNS_CAP_KILL? > > > and bypassing the security checks that way, but > > hard coding rules like that when it doesn't appear we have any > > experience to indicate we need the extra functionality looks > > premature. > > Ok, in this case actually I suspect you're right and we can just ditch > the exception. But in general the security discussion is one we should > still have. People like security. Where do we now stand with this patch, and with "[PATCH 4/8] user ns: hook permission"? - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists