Message-ID: <52069DCA.6060706@linuxtoys.org>
Date:	Sat, 10 Aug 2013 13:08:42 -0700
From:	Bob Smith <bsmith@...uxtoys.org>
To:	Greg Kroah-Hartman <gregkh@...uxfoundation.org>
CC:	Arnd Bergmann <arnd@...db.de>, linux-kernel@...r.kernel.org
Subject: Re: [PATCH 001/001] CHAR DRIVERS: a simple device to give daemons
 a /sys-like interface

Greg Kroah-Hartman wrote:
> Otherwise, to accept this code, I need to see a way that normal users
> can use it (i.e. no root or mknod), and that it can handle namespaces
> and the security interface that the kernel has to support.  To do so
> otherwise would be unfair to users who expect such a thing.

Greg, I don't know the etiquette of the lkml but I think the
above means "no, go away".

OK.
On my way out the door I'll give a recap and say thanks.


GOAL
The goal of this patch was to make it possible to configure
daemons using simple file IO.  The litmus test for this is
that commands like these should be possible:
	cat < /var/daemons/wpa_supplicant/use_channel
	echo 5 >/var/daemons/wpa_supplicant/use_channel

Yes, there are many other ways to configure a daemon but
none with the simplicity and grace of file IO.  For proof
of this I point to procfs and sysfs.

APPROACHES
Modifying named pipes was rejected as being too complex.
Modifying FUSE was rejected for the amount of effort needed.
The method chosen was to create a small character device
to pass the data between the client and the daemon.  The
resulting code was small and simple but requires a device
node.

CONCLUSION
Pseudo-ttys notwithstanding, the kernel does not want
IPC mechanisms that require root privileges or mknod.
For this and other reasons this patch is rejected.


Greg, once again thanks for your patience in helping a
non-kernel guy through all of this.  Thanks.

bye
Bob Smith