lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20140423153018.GA13717@breakpoint.cc>
Date:	Wed, 23 Apr 2014 17:30:18 +0200
From:	Florian Westphal <fw@...len.de>
To:	Ben Hutchings <ben@...adent.org.uk>
Cc:	netdev <netdev@...r.kernel.org>,
	Vasiliy Kulikov <segoon@...nwall.com>
Subject: Re: [RFC][PATCH] IP: Make ping sockets optional

Ben Hutchings <ben@...adent.org.uk> wrote:
> ICMP ping sockets currently require a new ping binary and are only
> available after setting a sysctl.  The code adds about 10K to the
> (uncompressed) size of the kernel.  Make this optional and disable
> it by default.
> 
> This is compile-tested only; I'd just like to see whether people think
> this is worth doing.

Either this feature needs to be ripped out now or it has to be kept.

I do not think the middle-ground you're proposing will work:

If userspace cannot safely assume facility is available, binaries
need to be setuid to implement fallback, and when you go down that
road you've gained nothing and might as well not support ping sockets
at all.
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ