On Mon, 9 Nov 2015 22:12:09 +0100 Jann Horn wrote:
>
> > Can we do
> >
> > #define PTRACE_foo (PTRACE_MODE_READ|PTRACE_MODE_FSCREDS)
> >
> > to avoid all that?
>
> Hm. All combinations of the PTRACE_MODE_*CREDS flags with
> PTRACE_MODE_{READ,ATTACH} plus optionally
On Sun, 8 Nov 2015 13:08:36 +0100 Jann Horn wrote:
> By checking the effective credentials instead of the real UID /
> permitted capabilities, ensure that the calling process actually
> intended to use its credentials.
>
> To ensure that all ptrace checks use the correct caller
On Mon, 4 Feb 2008 18:17:22 +
Pavel Machek [EMAIL PROTECTED] wrote:
On Fri 2008-02-01 20:07:01, James Morris wrote:
On Fri, 1 Feb 2008, Andrew Morton wrote:
Really? I'd feel a lot more comfortable if yesterday's version 1 had led
to a stream of comments from suitably
On Wed, 30 Jan 2008 23:02:30 -0800 Andrew G. Morgan [EMAIL PROTECTED] wrote:
With filesystem capabilities it is now possible to do away with
(set)uid-0 based privilege and use capabilities instead.
Historically, this was first attempted with a kernel-global set of
securebits. That
On Thu, 20 Dec 2007 15:11:40 +1100 (EST) James Morris [EMAIL PROTECTED] wrote:
+#ifdef CONFIG_SECURITY
+extern unsigned long mmap_min_addr;
+#endif
+
#include asm/page.h
#include asm/pgtable.h
#include asm/processor.h
Fine by me.
I'll queue it for -mm 2.6.25.
I
On Mon, 26 Nov 2007 12:38:56 -0800
Casey Schaufler [EMAIL PROTECTED] wrote:
From: Casey Schaufler [EMAIL PROTECTED]
This patch takes advantage of the increase in capability bits
to allocate capabilities for Mandatory Access Control. Whereas
Smack was overloading a previously allocated
On Wed, 21 Nov 2007 11:10:51 -0600
Serge E. Hallyn [EMAIL PROTECTED] wrote:
Quoting Andrew Morton ([EMAIL PROTECTED]):
On Sat, 17 Nov 2007 21:25:27 -0800 Andrew Morgan [EMAIL PROTECTED] wrote:
The attached patch (171282b3553fcec43b9ab615eb7daf6c2b494a87) applies
against 2.6.24-rc2-mm1
On Tue, 20 Nov 2007 11:04:32 -0800 (PST)
Casey Schaufler [EMAIL PROTECTED] wrote:
--- Casey Schaufler [EMAIL PROTECTED] wrote:
From: Casey Schaufler [EMAIL PROTECTED]
...
I have verified this version against broken-out-2007-11-20-01-45
as well. Compiles, boots, and passes tests.
On Mon, 19 Nov 2007 21:54:37 -0800
Casey Schaufler [EMAIL PROTECTED] wrote:
From: Casey Schaufler [EMAIL PROTECTED]
Smack is the Simplified Mandatory Access Control Kernel.
This patch seems bigger than the first version ;)
random-trivial-comments-just-to-show-i-read-it:
+static int
On Sat, 17 Nov 2007 21:25:27 -0800 Andrew Morgan [EMAIL PROTECTED] wrote:
The attached patch (171282b3553fcec43b9ab615eb7daf6c2b494a87) applies
against 2.6.24-rc2-mm1. It addresses the problem reported by Kevin and
Andy - ultimately, the legacy support wasn't transparent. In particular,
On Thu, 08 Nov 2007 20:48:52 -0800 Casey Schaufler [EMAIL PROTECTED] wrote:
Smack is the Simplified Mandatory Access Control Kernel.
This ran afoul of
http://userweb.kernel.org/~akpm/mmotm/broken-out/vfs-security-rework-inode_getsecurity-and-callers-to.patch
Until that patch gets merged we'll
On Wed, 07 Nov 2007 23:44:49 -0800
Andrew Morgan [EMAIL PROTECTED] wrote:
The attached patch (e3d27bcb07485a6c8927c8e4f5483d35a99680c3) adds
64-bit capability support to the kernel. This version of the patch is
designed to apply against the 2.6.23-mm1 tree.
FWIW libcap-2.00 supports this
On Tue, 16 Oct 2007 16:41:59 -0500
Serge E. Hallyn [EMAIL PROTECTED] wrote:
To properly test this the libcap code will need to be updated first,
which I'm looking at now...
This seems fairly significant. I asusme that this patch won't break
presently-deployed libcap?
-
To unsubscribe from
On Wed, 17 Oct 2007 21:59:20 -0500 Serge E. Hallyn [EMAIL PROTECTED] wrote:
Quoting Andrew Morton ([EMAIL PROTECTED]):
On Tue, 16 Oct 2007 16:41:59 -0500
Serge E. Hallyn [EMAIL PROTECTED] wrote:
To properly test this the libcap code will need to be updated first,
which I'm looking
On Sat, 29 Sep 2007 17:20:36 -0700 Casey Schaufler [EMAIL PROTECTED] wrote:
Smack is the Simplified Mandatory Access Control Kernel.
I don't know enough about security even to be dangerous. I went back and
reviewed the August thread from your version 1 submission and the message I
take away
On Sat, 14 Jul 2007 12:37:01 -0400 (EDT) James Morris [EMAIL PROTECTED] wrote:
Convert LSM into a static interface
allmodconfig broke
security/built-in.o: In function `rootplug_bprm_check_security':
security/root_plug.c:64: undefined reference to `usb_find_device'
security/root_plug.c:70:
On Tue, 24 Jul 2007 01:53:58 -0700 Greg KH [EMAIL PROTECTED] wrote:
On Tue, Jul 24, 2007 at 01:02:24AM -0700, Andrew Morton wrote:
On Sat, 14 Jul 2007 12:37:01 -0400 (EDT) James Morris [EMAIL PROTECTED]
wrote:
Convert LSM into a static interface
allmodconfig broke
security
On Tue, 26 Jun 2007 16:07:56 -0700
[EMAIL PROTECTED] wrote:
This post contains patches to include the AppArmor application security
framework, with request for inclusion into -mm for wider testing.
Patches 24 and 31 didn't come through.
Rolled-up diffstat (excluding 2431):
fs/attr.c
On Tue, 26 Jun 2007 19:24:03 -0700 John Johansen [EMAIL PROTECTED] wrote:
so... where do we stand with this? Fundamental, irreconcilable
differences over the use of pathname-based security?
There certainly seems to be some differences of opinion over the use
of
19 matches
Mail list logo