| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <50944E03.80802@xdin.com> Date: Fri, 2 Nov 2012 22:49:40 +0000 From: Arvid Brodin <Arvid.Brodin@...n.com> To: "Eric W. Biederman" <ebiederm@...ssion.com> CC: Arvid Brodin <Arvid.Brodin@...n.com>, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, Andrew Morton <akpm@...ux-foundation.org>, "Al Viro" <viro@...iv.linux.org.uk>, Cyrill Gorcunov <gorcunov@...nvz.org>, "David Rientjes" <rientjes@...gle.com> Subject: Re: fs/proc/base.c: text md5sums; tgid vs tid; and INF vs ONE? On 2012-11-01 21:29, Arvid Brodin wrote: > On 2012-10-30 23:45, Eric W. Biederman wrote: >> I recommend you checkout the code in security/ima/ looks like it can >> already do what you are trying to do. > > Ah. I did actually check this out a year and a half ago or something like that. Seems like > it has gotten a bit more capable since then with the new patches (immutable executables > etc)! I'll take a look at it again to see if it might fit our needs. Thanks! > It looks like IMA only checks files when they are accessed; I cannot find any mechanism for checking code that is already executing. So it won't help us, unfortunately. -- Arvid Brodin | Consultant (Linux) XDIN AB | Knarrarnäsgatan 7 | SE-164 40 Kista | Sweden | xdin.com
Powered by blists - more mailing lists