lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20080609171741.GA13403@us.ibm.com>
Date:	Mon, 9 Jun 2008 12:17:41 -0500
From:	"Serge E. Hallyn" <serue@...ibm.com>
To:	Andrew Morton <akpm@...ux-foundation.org>
Cc:	Andrew Morgan <morgan@...nel.org>,
	Dmitry Adamushko <dmitry.adamushko@...il.com>,
	"Serge E. Hallyn" <serue@...ibm.com>,
	Linus Torvalds <torvalds@...ux-foundation.org>,
	linux-kernel <linux-kernel@...r.kernel.org>
Subject: Re: [ linus-git ] prctl(PR_SET_KEEPCAPS, ...) is broken for some
	configs, e.g. CONFIG_SECURITY_SELINUX

Quoting Andrew Morton (akpm@...ux-foundation.org):
> On Sun, 08 Jun 2008 15:34:44 -0700 Andrew Morgan <morgan@...nel.org> wrote:
> 
> > | On Sun, 08 Jun 2008 08:10:26 -0700 Andrew Morgan <morgan@...nel.org>
> > wrote:
> > |
> > |> Nacked-by: Andrew G. Morgan <morgan@...nel.org>
> > |>
> > |> In a configuration in which you are not using capabilities, what is the
> > |> "keep capabilities" operation supposed to do? Lie to you?
> > |>
> > |> http://bugzilla.kernel.org/show_bug.cgi?id=10748
> > |
> > | I totally agree with comment 11 there. Quite a number of people have
> > already
> > | hit this and more surely will.  How can we help them (and hence us)?
> >
> > What do people think about comment #8 from Stephen Smalley?:
> > 
> > The dummy module is generally in the untenable position of having to lie
> > to userspace or break the existing capability-related system call
> > interface.  It should just go away, and make capability the default
> > module (w/ stubs for the rest of the LSM hooks as with dummy).  Then
> > CONFIG_SECURITY=n will yield the same result as CONFIG_SECURITY=y w/o
> > any further options.
> 
> (removed pgp crap, undid top-posting.  Your emails are very hard to reply to)
> 
> It's a fine comment, but I am not knowledgeable enough in this area to
> say whether it's a desirable thing to do for 2.6.26.
> 
> I fear that nothing will happen, and we'll end up wasting a lot of
> peoples' time sending hey-why-did-my-dhcp-break reports.

If we decide to get rid of dummy long-term, then it's far less
distasteful to have it lie and claim the keepcaps worked in the
meantime.

So for 2.6.26 we could have dummy lie, then plan to make capabilities
the default for 2.6.27?

-serge
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ