Andy Lutomirski writes:
> At the risk of pointing out a can of worms, the attack surface also
> includes things like the iptables configuration APIs, parsers, and
> filter/conntrack/action modules.
It is worth noting that module auto-load does not happen if the
triggering
Mike Snitzer writes:
> What layer establishes access rights to historically root-only
> priviledged block devices? Is it user namespaces?
Block devices are weird.
Mounts historically have not checked the permissions on the block
devices because a mounter has CAP_SYS_ADMIN.
Serge E. Hallyn [EMAIL PROTECTED] writes:
Quoting Eric W. Biederman ([EMAIL PROTECTED]):
Mark Nelson [EMAIL PROTECTED] writes:
Hi Paul and Eric,
Do you guys have any objections to dropping the hijack_pid() and
hijack_cgroup() parts of sys_hijack, leaving just hijack_ns() (see
below
Mark Nelson [EMAIL PROTECTED] writes:
Hi Paul and Eric,
Do you guys have any objections to dropping the hijack_pid() and
hijack_cgroup() parts of sys_hijack, leaving just hijack_ns() (see
below for discussion)?
I need to step back and study what is being proposed.
My gut feeling is that
Serge E. Hallyn [EMAIL PROTECTED] writes:
Quoting Eric W. Biederman ([EMAIL PROTECTED]):
Perform the split up you talked about above and move the table
matching into the LSM hooks.
Use something like the iptables action and match to module mapping
code so we can have multiple modules
Casey Schaufler [EMAIL PROTECTED] writes:
--- Eric W. Biederman [EMAIL PROTECTED] wrote:
Likely. Until we have a generalized LSM interface with 1000 config
options like netfilter I don't expect we will have grounds to talk
or agree to a common user space interface. Although I could
Serge E. Hallyn [EMAIL PROTECTED] writes:
Quoting Eric W. Biederman ([EMAIL PROTECTED]):
It really seems to me that the LSM as currently structured creates
a large barrier to entry for people who have just this little thing
they want to do that is not possible with any existing security
Casey Schaufler [EMAIL PROTECTED] writes:
--- Eric W. Biederman [EMAIL PROTECTED] wrote:
It really seems to me that the LSM as currently structured creates
a large barrier to entry for people who have just this little thing
they want to do that is not possible with any existing security
Stephen Smalley [EMAIL PROTECTED] writes:
On Fri, 2007-10-05 at 09:27 -0700, Casey Schaufler wrote:
--- Kyle Moffett [EMAIL PROTECTED] wrote:
On Oct 05, 2007, at 00:45:17, Eric W. Biederman wrote:
Kyle Moffett [EMAIL PROTECTED] writes:
On Oct 04, 2007, at 21:44:02, Eric W
Serge E. Hallyn [EMAIL PROTECTED] writes:
Quoting H. Peter Anvin ([EMAIL PROTECTED]):
Miklos Szeredi wrote:
Andrew, please skip this patch, for now.
Serge found a problem with the fsuid approach: setfsuid(nonzero) will
remove filesystem related capabilities. So even if root is
Serge E. Hallyn [EMAIL PROTECTED] writes:
Quoting Eric W. Biederman ([EMAIL PROTECTED]):
Are there other permission checks that mount is doing that we
care about.
Not mount itself, but in looking up /share/fa/root/home/fa,
user fa doesn't have the rights to read /share, and by setting
11 matches
Mail list logo