| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <87mytx91y6.fsf@olafdietsche.de> Date: Thu, 01 Nov 2007 20:54:09 +0100 From: Olaf Dietsche <olaf+list.linux-kernel@...fdietsche.de> To: "Serge E. Hallyn" <serge@...lyn.com> Cc: Olaf Dietsche <olaf+list.linux-kernel@...fdietsche.de>, linux-kernel@...r.kernel.org, linux-security-module@...r.kernel.org, Andrew Morgan <morgan@...nel.org>, Stephen Smalley <sds@...ch.ncsc.mil>, Chris Wright <chrisw@...l.org> Subject: Re: [PATCH] 2.6.23: Filesystem capabilities 0.17 "Serge E. Hallyn" <serge@...lyn.com> writes: > Quoting Olaf Dietsche (olaf+list.linux-kernel@...fdietsche.de): >> This patch implements filesystem capabilities. It allows to >> run privileged executables without the need for suid root. >> >> Changes: >> - updated to 2.6.23 >> - fix const correctness >> - fix secureexec [...] > given that file capabilities are now in 2.6.23, could you explain the > benefits of this version? Should we consider switching it out for > yours? It's just another version, works without xattr and, most important: it's mine :-) > If we stick with the current upstream file capabilities patch, should we > port your SECURE_HACK to it? I actually thought that fixing > bprm_secure_exec() sufficed? Fixing bprm_secure_exec() is sufficient. SECURE_HACK is just a leftover, when there was no AT_SECURE and accordingly libc (< 2.3.6) ignored bprm_secure_exec(). Regards, Olaf. - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists