On Tue, Jan 26, 2010 at 11:21:56AM +0100, Josselin Mouette wrote:
> Le samedi 23 janvier 2010 à 11:37 +0100, Guido Günther a écrit :
> > Should this really be handled in the screensaver? The user can also kill
> > other processes during boot like accounting daemons and therefore
> > compromise security. The only "fix" is to disable this feature.
> I fully concur. Such a “feature” should be disabled by default, and this
> has to be done in the kernel packages.
The OOM killer can always be forced with normal processes as long as
over-commitment is enabled. So it is never save to add security measures
within processes that can be killed seperately.
> I’d appreciate if we could have some input from the kernel maintainers.
Someone with access to the console have several attack vectors
available.
Bastian
--
Earth -- mother of the most beautiful women in the universe.
-- Apollo, "Who Mourns for Adonais?" stardate 3468.1
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
