[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <466A0020.50406@redhat.com>
Date: Fri, 08 Jun 2007 18:19:28 -0700
From: Ulrich Drepper <drepper@...hat.com>
To: Al Viro <viro@....linux.org.uk>
CC: Linus Torvalds <torvalds@...ux-foundation.org>,
Davide Libenzi <davidel@...ilserver.org>,
Alan Cox <alan@...rguk.ukuu.org.uk>,
Theodore Tso <tytso@....edu>,
Eric Dumazet <dada1@...mosbay.com>,
Kyle Moffett <mrmacman_g4@....com>,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
Andrew Morton <akpm@...ux-foundation.org>,
Ingo Molnar <mingo@...e.hu>
Subject: Re: [patch 7/8] fdmap v2 - implement sys_socket2
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Al Viro wrote:
> Exactly. Put it another way, randomizer is a stress-tester.
... and a security mechanism. And as such it is only useful if it is
used. Probably it should be policy-controlled whether you can turn it off.
> Note that
> #define NR_FILES <some constant>
>
> for (i = 0; i < NR_FILES; i++)
> close(i);
You're confusing the problems. This is not the argument for having a
separate file descriptor set. It is the argument to have hidden file
descriptors. Randomization has nothing whatsoever to do with this example.
- --
➧ Ulrich Drepper ➧ Red Hat, Inc. ➧ 444 Castro St ➧ Mountain View, CA ❖
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
iD8DBQFGagAg2ijCOnn/RHQRAhV+AJ9qT2epTxDWWS++74f+vrV3NucVHACdGkxm
MULoyE+0NY7dSHcB2epKe7w=
=o3+1
-----END PGP SIGNATURE-----
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists