| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAGXu5j+ObQAPBruUGpM2Vu_Fr91dNwdmy=ryJ2bOmm18qJEWnQ@mail.gmail.com> Date: Mon, 12 Nov 2012 14:10:50 -0800 From: Kees Cook <keescook@...omium.org> To: P J P <ppandit@...hat.com> Cc: Al Viro <viro@...iv.linux.org.uk>, linux-kernel@...r.kernel.org, Andrew Morton <akpm@...ux-foundation.org>, Josh Triplett <josh@...htriplett.org>, Serge Hallyn <serge.hallyn@...onical.com>, linux-fsdevel@...r.kernel.org, halfdog <me@...fdog.net> Subject: Re: [PATCH] exec: do not leave bprm->interp on stack On Tue, Nov 6, 2012 at 12:10 AM, P J P <ppandit@...hat.com> wrote: > > Hello Kees, Al, > > +-- On Sat, 27 Oct 2012, Kees Cook wrote --+ > | If we change binfmt_script to not make a recursive call, then we still > | need to keep the interp change somewhere off the stack. I still think > | my patchset is the least bad. > | > | Al, do you have something else in mind? > > Guys, are there any updates further? > > Al, what's your take on the *rare* extra call to request_module? Without any other feedback, I'd like to use my minimal allocation patch, since it fixes the problem and doesn't change any of the semantics of how/when loading happens. -Kees -- Kees Cook Chrome OS Security -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists