lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <4798E26D.6010908@goop.org>
Date:	Thu, 24 Jan 2008 11:09:33 -0800
From:	Jeremy Fitzhardinge <jeremy@...p.org>
To:	"Oliver Pinter (Pintér Olivér)" 
	<oliver.pntr@...il.com>
CC:	Adrian Bunk <bunk@...nel.org>, David Miller <davem@...emloft.net>,
	Greg KH <gregkh@...e.de>, Greg KH <greg@...ah.com>,
	Linus Torvalds <torvalds@...ux-foundation.org>,
	Linux Kernel <linux-kernel@...r.kernel.org>,
	Andrew Morton <akpm@...ux-foundation.org>,
	Randy Dunlap <randy.dunlap@...cle.com>,
	Al Viro <viro@...iv.linux.org.uk>,
	Arnd Bergmann <arnd@...db.de>
Subject: Re: Add common orderly_poweroff() to 2.6.22?

Oliver Pinter (Pintér Olivér) wrote:
> On 1/24/08, Jeremy Fitzhardinge <jeremy@...p.org> wrote:
>   
>> Oliver Pinter (Pintér Olivér) wrote:
>>     
>>> Hi all!
>>>
>>> commit in mainline 10a0a8d4e3f6bf2d077f94344441909abe670f5a is go in
>>> the satble 2.6.22
>>>
>>> the grund for this question is http://hup.hu/node/49773 .
>>>
>>>       
>> Is there a compelling reason?
>>     
>
> no, but in forum some person have the question, why the kernel call
> userspace program and it is secure or not...
>   

Ah, my non-existent knowledge of Hungarian wasn't up to interpreting 
that page ;)

It should be secure if done properly.  Of course, if you set the 
"poweroff" executable to something untrustworthy then you'll have a 
problem, but there's no inherent security problem there.  And if you 
want to do an orderly shutdown, you need to have some amount of help 
from the userspace side of things, and invoking a command is the normal 
way to do this.

    J
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ