lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <87k1wqcykw.fsf@xmission.com>
Date:   Tue, 09 Jan 2018 19:05:51 -0600
From:   ebiederm@...ssion.com (Eric W. Biederman)
To:     Richard Guy Briggs <rgb@...hat.com>
Cc:     cgroups@...r.kernel.org,
        Linux Containers <containers@...ts.linux-foundation.org>,
        Linux API <linux-api@...r.kernel.org>,
        Linux Audit <linux-audit@...hat.com>,
        Linux FS Devel <linux-fsdevel@...r.kernel.org>,
        Linux Kernel <linux-kernel@...r.kernel.org>,
        Linux Network Development <netdev@...r.kernel.org>,
        Simo Sorce <simo@...hat.com>,
        Carlos O'Donell <carlos@...hat.com>,
        Aristeu Rozanski <arozansk@...hat.com>,
        David Howells <dhowells@...hat.com>,
        Eric Paris <eparis@...isplace.org>,
        Daniel Walsh <dwalsh@...hat.com>, jlayton@...hat.com,
        Andy Lutomirski <luto@...nel.org>, mszeredi@...hat.com,
        Paul Moore <pmoore@...hat.com>,
        "Serge E. Hallyn" <serge@...lyn.com>,
        Steve Grubb <sgrubb@...hat.com>, trondmy@...marydata.com,
        Al Viro <viro@...iv.linux.org.uk>, Madz Car <madzcar@...il.com>
Subject: Re: RFC(V3): Audit Kernel Container IDs


Please let's have a description of the problem you are trying to solve.

A proposed solution without talking about the problem space is useless.
Any proposed solution could potentially work.

I know to these exist.  There is motivation for your work.
What is the motivation?
What problem are you trying to solve?

In particular what information are you trying to get into logs that you
can not get into the logs today?

I am going to try to give this the attention it deserves but right now I
am having to deal with half thought out patches for information leaks
from speculative code paths, so I won't be able to give this much
attention for a little bit.

Eric

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ