lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <20170112215128.GA14063@amd>
Date:   Thu, 12 Jan 2017 22:51:28 +0100
From:   Pavel Machek <pavel@....cz>
To:     Florian Weimer <fweimer@...hat.com>
Cc:     Yury Norov <ynorov@...iumnetworks.com>, libc-alpha@...rceware.org,
        linux-arch@...r.kernel.org, linux-kernel@...r.kernel.org,
        Catalin Marinas <catalin.marinas@....com>,
        szabolcs.nagy@....com, heiko.carstens@...ibm.com,
        cmetcalf@...hip.com, philipp.tomsich@...obroma-systems.com,
        joseph@...esourcery.com, zhouchengming1@...wei.com,
        Prasun.Kapoor@...iumnetworks.com, agraf@...e.de,
        geert@...ux-m68k.org, kilobyte@...band.pl,
        manuel.montezelo@...il.com, arnd@...db.de, pinskia@...il.com,
        linyongting@...wei.com, klimov.linux@...il.com, broonie@...nel.org,
        bamvor.zhangjian@...wei.com, linux-arm-kernel@...ts.infradead.org,
        maxim.kuvyrkov@...aro.org, Nathan_Lynch@...tor.com,
        schwidefsky@...ibm.com, davem@...emloft.net,
        christoph.muellner@...obroma-systems.com
Subject: Re: [Question] New mmap64 syscall?

On Thu 2017-01-12 17:13:25, Florian Weimer wrote:
> On 01/03/2017 09:54 PM, Pavel Machek wrote:
> >...actually, with strace and batched interface, it will be impossible
> >to see what is going on because of races. So I'm not sure if I like
> >the batched interface at all...
> 
> I'm not sure if I understand this problem.
> 
> ioctl, fcntl, most socket system calls, even open all have this problem as
> well, right?

Yes, ioctl() and similar are problematic. Still it is possible to
implement secure sandbox using ptrace. Dealing with indirect mmap()
would difficult AFAICT.

									Pavel

-- 
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html

Download attachment "signature.asc" of type "application/pgp-signature" (182 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ