Message-ID: <87inzdju98.fsf@x220.int.ebiederm.org>
Date:	Tue, 19 Apr 2016 14:03:47 -0500
From:	ebiederm@...ssion.com (Eric W. Biederman)
To:	"H. Peter Anvin" <hpa@...or.com>
Cc:	Linus Torvalds <torvalds@...ux-foundation.org>,
	Andy Lutomirski <luto@...capital.net>, security@...ian.org,
	"security\@kernel.org" <security@...nel.org>,
	Al Viro <viro@...iv.linux.org.uk>,
	"security\@ubuntu.com \>\> security" <security@...ntu.com>,
	Peter Hurley <peter@...leysoftware.com>,
	Serge Hallyn <serge.hallyn@...ntu.com>,
	Willy Tarreau <w@....eu>,
	Aurelien Jarno <aurelien@...el32.net>,
	One Thousand Gnomes <gnomes@...rguk.ukuu.org.uk>,
	Jann Horn <jann@...jh.net>, Greg KH <greg@...ah.com>,
	Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
	Jiri Slaby <jslaby@...e.com>, Florian Weimer <fw@...eb.enyo.de>
Subject: Re: [PATCH 14/16] vfs: Implement mount_super_once

"H. Peter Anvin" <hpa@...or.com> writes:

>>- Support for reserving ptys for the system devpts instance using
>>  /proc/sys/kernel/pty/reserve needs to be removed.
>>
>>Eric
>
> pty capping should probably be a devpts mount option

There is a max option so pty capping is a per devpts option.

> , and perhaps a
> sufficiently privileged user could be allowed to set another mount
> option to allow that instance to dip into the reserved pool or exempt
> it completely from the global limit as set in sysctl.

I agree that we could keep the reserved pool, and add a new way to
access it.  However, no piece of existing userspace could use it.  So the
simplest thing to do (unless something actually breaks) is to just
remove the reserve pool.

Eric
