| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 30 May 2017 19:40:33 -0400
From: Daniel Micay <danielmicay@...il.com>
To: Matt Brown <matt@...tt.com>, Nick Kralevich <nnk@...gle.com>,
Stephen Smalley <sds@...ho.nsa.gov>,
Alan Cox <gnomes@...rguk.ukuu.org.uk>,
Kees Cook <keescook@...omium.org>
Cc: Casey Schaufler <casey@...aufler-ca.com>,
Boris Lukashev <blukashev@...pervictus.com>,
Greg KH <gregkh@...uxfoundation.org>,
"Serge E. Hallyn" <serge@...lyn.com>,
kernel-hardening@...ts.openwall.com,
linux-security-module <linux-security-module@...r.kernel.org>,
linux-kernel <linux-kernel@...r.kernel.org>
Subject: Re: [kernel-hardening] Re: [PATCH v7 2/2] security: tty: make
TIOCSTI ioctl require CAP_SYS_ADMIN
On Tue, 2017-05-30 at 19:00 -0400, Matt Brown wrote:
> On 5/30/17 4:22 PM, Daniel Micay wrote:
> > > Thanks, I didn't know that android was doing this. I still think
> > > this
> > > feature
> > > is worthwhile for people to be able to harden their systems
> > > against
> > > this attack
> > > vector without having to implement a MAC.
> >
> > Since there's a capable LSM hook for ioctl already, it means it
> > could go
> > in Yama with ptrace_scope but core kernel code would still need to
> > be
> > changed to track the owning tty. I think Yama vs. core kernel
> > shouldn't
> > matter much anymore due to stackable LSMs.
> >
>
> What does everyone think about a v8 that moves this feature under Yama
> and uses
> the file_ioctl LSM hook?
It would only make a difference if it could be fully contained there, as
in not depending on tracking the tty owner.
Powered by blists - more mailing lists