| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20071202120214.68cf1700@laptopd505.fenrus.org> Date: Sun, 2 Dec 2007 12:02:14 -0800 From: Arjan van de Ven <arjan@...radead.org> To: Valdis.Kletnieks@...edu Cc: Pavel Machek <pavel@....cz>, tvrtko.ursulin@...hos.com, Andi Kleen <andi@...stfloor.org>, ak@...e.de, linux-kernel@...r.kernel.org Subject: Re: Out of tree module using LSM On Sun, 02 Dec 2007 14:44:48 -0500 Valdis.Kletnieks@...edu wrote: > On Sat, 01 Dec 2007 08:43:32 GMT, Pavel Machek said: > > > So what you are trying to do is 'application may never read bad > > sequence of bits from disk', right? > > No, in many of the use cases, we're trying to do "if application > reads certain specified sequences of bits from disk we know about > it", which is subtly different. Often, *absolute* prevention isn't > required, as long as we can generate audit trails and/or alerts... .. which breaks down if/when glibc uses mmap() to implement the fopen/fread etc interface (note: it already does, just not quite yet by default) -- If you want to reach me at my work email, use arjan@...ux.intel.com For development, discussion and tips for power savings, visit http://www.lesswatts.org -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists