lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Thu, 3 Feb 2022 20:29:47 -0800 From: "Andrew G. Morgan" <morgan@...nel.org> To: James Morris <jmorris@...ei.org> Cc: linux-kernel@...r.kernel.org, Eric Biederman <ebiederm@...ssion.com>, "Serge E . Hallyn" <serge@...lyn.com> Subject: Re: [PATCH] proc: add SecBits field to /proc/<PID>/status James, I'm not sure how to address this concern. Is there a specific issue like the characters used in the newly added line are problematic in some way? (I think '.' is the only character introduced by this change that I don't currently find in, say, /proc/1/status, but if I create a file called foo.bin and execute it, its status file contains that character.) In a more general sense, how might this change be problematic in a way that, say fe719888344cc (from 2020-12-15) which added the line "SpeculationIndirectBranch:\t..." was not of similar concern? I've tried to be consistent with the formatting etc. Am I missing something? Thanks Andrew On Thu, Feb 3, 2022 at 9:45 AM James Morris <jmorris@...ei.org> wrote: > > On Sun, 30 Jan 2022, Andrew G. Morgan wrote: > > > Securebits strongly influence the way Capabilities work for a process, > > make them visible in the proc status files. > > My concern is that this might break some existing userspace code which > parses the status file. > > > -- > James Morris > <jmorris@...ei.org> >
Powered by blists - more mailing lists