| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20080813112420.12378ebf@infradead.org> Date: Wed, 13 Aug 2008 11:24:20 -0700 From: Arjan van de Ven <arjan@...radead.org> To: Andi Kleen <andi@...stfloor.org> Cc: Eric Paris <eparis@...hat.com>, linux-kernel@...r.kernel.org, malware-list@...ts.printk.net, andi@...stfloor.org, riel@...hat.com, greg@...ah.com, tytso@....edu, viro@...IV.linux.org.uk, alan@...rguk.ukuu.org.uk, peterz@...radead.org, hch@...radead.org Subject: Re: TALPA - a threat model? well sorta. On Wed, 13 Aug 2008 20:17:14 +0200 Andi Kleen <andi@...stfloor.org> wrote: > > I would suggest again to clarify this important point first. It has > significant impact on the whole design. agreed. > > Personally I would think not protecting against root would be quite > limiting (e.g. it would mean that e.g. if some worm trojans rpms > people download then they wouldn't be caught because rpms are > installed as root), on argument could be that root apps like that could/should do explicit scanning regardless. (if we have an explicit interface to scan a file that's not too hard) -- If you want to reach me at my work email, use arjan@...ux.intel.com For development, discussion and tips for power savings, visit http://www.lesswatts.org -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists