| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 25 Mar 2008 00:09:30 +0100 From: Pavel Machek <pavel@....cz> To: Oleg Nesterov <oleg@...sign.ru> Cc: Andrew Morton <akpm@...ux-foundation.org>, "Eric W. Biederman" <ebiederm@...ssion.com>, Pavel Emelyanov <xemul@...nvz.org>, Stephen Smalley <sds@...ho.nsa.gov>, Roland McGrath <roland@...hat.com>, linux-kernel@...r.kernel.org Subject: Re: [PATCH] ptrace: it is fun to strace /sbin/init On Tue 2008-03-25 02:04:58, Oleg Nesterov wrote: > On 03/24, Pavel Machek wrote: > > > > > /sbin/init is important, but there are other important (and sometimes > > > much more important) services. Why it is so special so that we can't > > > debug/strace it? > > > > Maybe. Let's kill /sbin/init protection in 2.6.26. But making it > > optional is wrong. > > You are right, the boot parameter is silly. How about sysctl? I'd prefer it to be hardcoded, really. "You can kill /sbin/init" sounds right. "You can kill /sbin/init on 2.6.26+" sounds... still quite ok. "You can kill /sbin/init on 2.6.26+ if you have /proc/sys/foo/bar == 1" sounds... quite wrong. > Stephen, do you see any security problems if we make /sbin/init > ptraceable by default? Pavel -- (english) http://www.livejournal.com/~pavelmachek (cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html pomozte zachranit klanovicky les: http://www.ujezdskystrom.info/ -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists