| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20101107114156.GV4627@1wt.eu> Date: Sun, 7 Nov 2010 12:41:56 +0100 From: Willy Tarreau <w@....eu> To: Ingo Molnar <mingo@...e.hu> Cc: Marcus Meissner <meissner@...e.de>, security@...nel.org, mort@....com, Peter Zijlstra <a.p.zijlstra@...llo.nl>, fweisbec@...il.com, "H. Peter Anvin" <hpa@...or.com>, linux-kernel@...r.kernel.org, jason.wessel@...driver.com, tj@...nel.org, Andrew Morton <akpm@...ux-foundation.org>, Linus Torvalds <torvalds@...ux-foundation.org>, Thomas Gleixner <tglx@...utronix.de> Subject: Re: [Security] [PATCH] kernel: make /proc/kallsyms mode 400 to reduce ease of attacking On Sun, Nov 07, 2010 at 12:27:09PM +0100, Ingo Molnar wrote: > > I don't understand the point you're trying to make with this patch. [...] > > It was a simple experiement to support my rather simple argument which you disputed. OK > > [...] Obviously we can pretend to be any version, [...] > > Ok, it's a pretty cavalier style of arguing that you now essentially turn around > your earlier claim that the 'kernel version is needed at many places' and say what > i've been saying, prefixed with 'obviously' ;-) Huh ? > Yes, it's obvious that the kernel version is not needed for many functional purposes > on a modern distro - and that was my exact point. > > I cannot think of a single valid case where the proper user-space solution to some > ABI compatibility detail is a kernel version check. Ingo, I believe you did not read a single line of my previous mail, because I precisely gave you counter-examples of that. The first use is simply the user running "uname -a" to see if *he* can safely enable feature X or Y which is known to be badly broken in some old versions. > I'd even argue that we want to > keep unprivileged user-space from being able to implement such crappy version checks > ... I'd say that *YOU* want that despite the fact that on mainstream distros, it buys nothing since it's easy to guess the real version anyway as I showed you. Don't forget that you proposed this in order to hide symbols from a small set of well-known distro kernels. And the most important in my opinion is that it does not bring anything to those who are currently victim of exploits : those who don't upgrade, because their uptime alone is enough to *know* that the vuln you want to exploit is still there. At some places, your proposal would probably end up with uname being chmoded +s so that users stop asking the admin for trivial things. That really makes no sense. Willy -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists