| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20090112161931.6203f96e@lxorguk.ukuu.org.uk> Date: Mon, 12 Jan 2009 16:19:31 +0000 From: Alan Cox <alan@...rguk.ukuu.org.uk> To: Evgeniy Polyakov <zbr@...emap.net> Cc: linux-kernel@...r.kernel.org, Andrew Morton <akpm@...ux-foundation.org>, Linus Torvalds <torvalds@...ux-foundation.org> Subject: Re: Linux killed Kenny, bastard! > Yes, it could be done. If inotify will not be killed itself, will be > enabled in the config and daemon will be started. > But right now there is no way to solve that task, in the long term this > is a good idea to implement modulo security problems it may concern. It is perfectly soluble right now, use the existing /proc interface. If you want to specifically victimise new tasks first then set everything else with an adjust *against* being killed and new stuff will start off as cannon fodder until classified. The name approach is the wrong way to handle this. It has no reflection of heirarchy of process, targetting by users, containers etc.. In fact containers are probably the right way to do it -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists