| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <D2HYFLLXVYLS.ORASE7L62L3N@kernel.org> Date: Sat, 06 Jul 2024 01:22:06 +0300 From: "Jarkko Sakkinen" <jarkko@...nel.org> To: "Kees Cook" <kees@...nel.org>, Mickaël Salaün <mic@...ikod.net> Cc: "Al Viro" <viro@...iv.linux.org.uk>, "Christian Brauner" <brauner@...nel.org>, "Linus Torvalds" <torvalds@...ux-foundation.org>, "Paul Moore" <paul@...l-moore.com>, "Theodore Ts'o" <tytso@....edu>, "Alejandro Colomar" <alx@...nel.org>, "Aleksa Sarai" <cyphar@...har.com>, "Andrew Morton" <akpm@...ux-foundation.org>, "Andy Lutomirski" <luto@...nel.org>, "Arnd Bergmann" <arnd@...db.de>, "Casey Schaufler" <casey@...aufler-ca.com>, "Christian Heimes" <christian@...hon.org>, "Dmitry Vyukov" <dvyukov@...gle.com>, "Eric Biggers" <ebiggers@...nel.org>, "Eric Chiang" <ericchiang@...gle.com>, "Fan Wu" <wufan@...ux.microsoft.com>, "Florian Weimer" <fweimer@...hat.com>, "Geert Uytterhoeven" <geert@...ux-m68k.org>, "James Morris" <jamorris@...ux.microsoft.com>, "Jan Kara" <jack@...e.cz>, "Jann Horn" <jannh@...gle.com>, "Jeff Xu" <jeffxu@...gle.com>, "Jonathan Corbet" <corbet@....net>, "Jordan R Abrahams" <ajordanr@...gle.com>, "Lakshmi Ramasubramanian" <nramas@...ux.microsoft.com>, "Luca Boccassi" <bluca@...ian.org>, "Luis Chamberlain" <mcgrof@...nel.org>, "Madhavan T . Venkataraman" <madvenka@...ux.microsoft.com>, "Matt Bobrowski" <mattbobrowski@...gle.com>, "Matthew Garrett" <mjg59@...f.ucam.org>, "Matthew Wilcox" <willy@...radead.org>, "Miklos Szeredi" <mszeredi@...hat.com>, "Mimi Zohar" <zohar@...ux.ibm.com>, "Nicolas Bouchinet" <nicolas.bouchinet@....gouv.fr>, "Scott Shell" <scottsh@...rosoft.com>, "Shuah Khan" <shuah@...nel.org>, "Stephen Rothwell" <sfr@...b.auug.org.au>, "Steve Dower" <steve.dower@...hon.org>, "Steve Grubb" <sgrubb@...hat.com>, "Thibaut Sautereau" <thibaut.sautereau@....gouv.fr>, "Vincent Strubel" <vincent.strubel@....gouv.fr>, "Xiaoming Ni" <nixiaoming@...wei.com>, "Yin Fengwei" <fengwei.yin@...el.com>, <kernel-hardening@...ts.openwall.com>, <linux-api@...r.kernel.org>, <linux-fsdevel@...r.kernel.org>, <linux-integrity@...r.kernel.org>, <linux-kernel@...r.kernel.org>, <linux-security-module@...r.kernel.org> Subject: Re: [RFC PATCH v19 2/5] security: Add new SHOULD_EXEC_CHECK and SHOULD_EXEC_RESTRICT securebits On Sat Jul 6, 2024 at 12:44 AM EEST, Kees Cook wrote: > > As explained in the UAPI comments, all parent processes need to be > > trusted. This meeans that their code is trusted, their seccomp filters > > are trusted, and that they are patched, if needed, to check file > > executability. > > But we have launchers that apply arbitrary seccomp policy, e.g. minijail > on Chrome OS, or even systemd on regular distros. In theory, this should > be handled via other ACLs. Or a regular web browser? AFAIK seccomp filtering was the tool to make secure browser tabs in the first place. BR, Jarkko
Powered by blists - more mailing lists