| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20090429132844.GB29151@redhat.com> Date: Wed, 29 Apr 2009 15:28:44 +0200 From: Oleg Nesterov <oleg@...hat.com> To: David Howells <dhowells@...hat.com> Cc: James Morris <jmorris@...ei.org>, Eric Paris <eparis@...isplace.org>, Roland McGrath <roland@...hat.com>, Stephen Smalley <sds@...ho.nsa.gov>, linux-kernel@...r.kernel.org Subject: Re: Q: selinux_bprm_committed_creds() && signals/do_wait On 04/29, David Howells wrote: > > From: David Howells <dhowells@...hat.com> > Subject: [PATCH] SELinux: Don't flush inherited SIGKILL during execve() > > Don't flush inherited SIGKILL during execve() in SELinux's post cred commit > hook. This isn't really a security problem: if the SIGKILL came before the > credentials were changed, then we were right to receive it at the time, and > should honour it; if it came after the creds were changed, then we definitely > should honour it; and in any case, all that will happen is that the process > will be scrapped before it ever returns to userspace. > > Signed-off-by: David Howells <dhowells@...hat.com> Signed-off-by: Oleg Nesterov <oleg@...hat.com> -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists