lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <20130904175239.GO19750@two.firstfloor.org>
Date:	Wed, 4 Sep 2013 19:52:39 +0200
From:	Andi Kleen <andi@...stfloor.org>
To:	Pavel Emelyanov <xemul@...allels.com>
Cc:	Janani Venkataraman <jananive@...ux.vnet.ibm.com>,
	linux-kernel@...r.kernel.org,
	Jeremy Fitzhardinge <jeremy.fitzhardinge@...rix.com>,
	Daisuke HATAYAMA <d.hatayama@...fujitsu.com>,
	Andi Kleen <andi@...stfloor.org>,
	Roland McGrath <roland@...k.frob.com>,
	Amerigo Wang <amwang@...hat.com>,
	Christoph Hellwig <hch@....de>,
	Linus Torvalds <torvalds@...ux-foundation.org>,
	KOSAKI Motohiro <kosaki.motohiro@...fujitsu.com>,
	Masami Hiramatsu <mhiramat@...hat.com>,
	Andrew Morton <akpm@...ux-foundation.org>,
	Alexey Dobriyan <adobriyan@...il.com>,
	Oleg Nesterov <oleg@...hat.com>, Tejun Heo <tj@...nel.org>,
	avagin@...nvz.org, gorcunov@...nvz.org,
	James Hogan <james.hogan@...tec.com>,
	Mike Frysinger <vapier@...too.org>,
	"Randy.Dunlap" <rdunlap@...otime.net>,
	Eric Paris <eparis@...hat.com>, ananth@...ibm.com,
	suzuki@...ibm.com, aravinda@...ux.vnet.ibm.com,
	tarundeep.singh@...ibm.com
Subject: Re: RFD: Non-Disruptive Core Dump Infrastructure

> Briefly -- we will implement the CRIU service, which is a daemon running from
> root and listening on a unix socket. When a task wants to dump himself, it sends 
> to the service a "dump me" message. The service then goes and dumps the process.

Maybe I'm missing something, but if the dump file is then readable by
the process and includes the output of the new interfaces
any potential security leaks exposed by the new interfaces would 
be already there for unpriv. users?

-Andi

-- 
ak@...ux.intel.com -- Speaking for myself only.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ