| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAKPOu+-S5C59X8zW=6keYAsHecketOBzMbb3XXDnLTc0X1nBhA@mail.gmail.com> Date: Wed, 11 Jun 2025 16:23:56 +0200 From: Max Kellermann <max.kellermann@...os.com> To: Paul Moore <paul@...l-moore.com> Cc: Jann Horn <jannh@...gle.com>, "Eric W. Biederman" <ebiederm@...ssion.com>, Richard Guy Briggs <rgb@...hat.com>, "Serge E. Hallyn" <serge@...lyn.com>, Kees Cook <kees@...nel.org>, jmorris@...ei.org, Andy Lutomirski <luto@...nel.org>, morgan@...nel.org, Christian Brauner <christian@...uner.io>, linux-security-module@...r.kernel.org, linux-kernel@...r.kernel.org Subject: Re: [PATCH v2] exec: Correct the permission check for unsafe exec On Wed, Jun 11, 2025 at 2:19 AM Paul Moore <paul@...l-moore.com> wrote: > Aside from a tested-by verification from Max, it looks like everyone > is satisfied with the v2 patch, yes? Sorry for the delay. I tested Eric's v2 patch and it solves my problem. His patch is nearly identical to mine, it's only a bit more intrusive by removing the weird __is_setXid functions that never made sense. I welcome that; I wasn't confident enough to do that and tried to make the least intrusive patch. Eric, I'm glad you changed your mind and no longer consider my work "pure nonsense" and "pointless". But one problem remains: in the same email, you demanded evidence that userspace doesn't depend on the current behavior. However, in your patch description, you hand-waved that away by "I don't expect anyone to care". What happened to that? Max
Powered by blists - more mailing lists