| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 9 Jun 2008 12:17:41 -0500 From: "Serge E. Hallyn" <serue@...ibm.com> To: Andrew Morton <akpm@...ux-foundation.org> Cc: Andrew Morgan <morgan@...nel.org>, Dmitry Adamushko <dmitry.adamushko@...il.com>, "Serge E. Hallyn" <serue@...ibm.com>, Linus Torvalds <torvalds@...ux-foundation.org>, linux-kernel <linux-kernel@...r.kernel.org> Subject: Re: [ linus-git ] prctl(PR_SET_KEEPCAPS, ...) is broken for some configs, e.g. CONFIG_SECURITY_SELINUX Quoting Andrew Morton (akpm@...ux-foundation.org): > On Sun, 08 Jun 2008 15:34:44 -0700 Andrew Morgan <morgan@...nel.org> wrote: > > > | On Sun, 08 Jun 2008 08:10:26 -0700 Andrew Morgan <morgan@...nel.org> > > wrote: > > | > > |> Nacked-by: Andrew G. Morgan <morgan@...nel.org> > > |> > > |> In a configuration in which you are not using capabilities, what is the > > |> "keep capabilities" operation supposed to do? Lie to you? > > |> > > |> http://bugzilla.kernel.org/show_bug.cgi?id=10748 > > | > > | I totally agree with comment 11 there. Quite a number of people have > > already > > | hit this and more surely will. How can we help them (and hence us)? > > > > What do people think about comment #8 from Stephen Smalley?: > > > > The dummy module is generally in the untenable position of having to lie > > to userspace or break the existing capability-related system call > > interface. It should just go away, and make capability the default > > module (w/ stubs for the rest of the LSM hooks as with dummy). Then > > CONFIG_SECURITY=n will yield the same result as CONFIG_SECURITY=y w/o > > any further options. > > (removed pgp crap, undid top-posting. Your emails are very hard to reply to) > > It's a fine comment, but I am not knowledgeable enough in this area to > say whether it's a desirable thing to do for 2.6.26. > > I fear that nothing will happen, and we'll end up wasting a lot of > peoples' time sending hey-why-did-my-dhcp-break reports. If we decide to get rid of dummy long-term, then it's far less distasteful to have it lie and claim the keepcaps worked in the meantime. So for 2.6.26 we could have dummy lie, then plan to make capabilities the default for 2.6.27? -serge -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists