| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <341211515328469@web54o.yandex.ru>
Date: Sun, 07 Jan 2018 15:34:29 +0300
From: Ozgur <ozgur@...sey.org>
To: Theodore Ts'o <tytso@....edu>, Avi Kivity <avi@...lladb.com>
Cc: Alan Cox <gnomes@...rguk.ukuu.org.uk>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: Re: Proposal: CAP_PAYLOAD to reduce Meltdown and Spectre mitigation costs
07.01.2018, 15:29, "Theodore Ts'o" <tytso@....edu>:
> On Sun, Jan 07, 2018 at 11:16:28AM +0200, Avi Kivity wrote:
>> I think capabilities will work just as well with cgroups. The container
>> manager will set CAP_PAYLOAD to payload containers; and if those run an init
>> system or a container manager themselves, they'll drop CAP_PAYLOAD for all
>> process/sub-containers but their payloads.
>
> The reason why cgroups are better is Spectre can be used to steal
> information from within the same privilege level --- e.g., you could
> use Javascript to steal a user's Coindesk credentials or Lastpass
> data, which is going to be *way* more lucrative than trying to mine
> cryptocurrency in the sly in a user's browser. :-)
I think the web coin mining pages also work with this method they probably use JS in the background but currently, impossible to do kernel-level operations.
All process start on the browser level and Spectre not read kernel memory, right?
Ozgur
> As a result, you probably want Spectre mitigations to be enabled in a
> root process --- which means capabilities aren't the right answer.
>
> Regards,
>
> - Ted
Powered by blists - more mailing lists