On Sat, 2007-11-17 at 09:12 +1100, James Morris wrote:
> On Fri, 16 Nov 2007, Eric Paris wrote:
>
> > When this protection was originally concieved it intentionally was
> > offing something even without an more 'full featured' LSM. That was the
> > whole reason I had to drop the secondary stackin
On Fri, 16 Nov 2007, Eric Paris wrote:
> When this protection was originally concieved it intentionally was
> offing something even without an more 'full featured' LSM. That was the
> whole reason I had to drop the secondary stacking hook inside the
> selinux code.
>
> While I now understand the
On Sat, 2007-11-17 at 08:58 +1100, James Morris wrote:
> On Fri, 16 Nov 2007, Eric Paris wrote:
>
> > On Sat, 2007-11-17 at 08:47 +1100, James Morris wrote:
> > > On Fri, 16 Nov 2007, Eric Paris wrote:
> > >
> > > > On a kernel with CONFIG_SECURITY but without an LSM which implements
> > > > secu
On Fri, 16 Nov 2007, Eric Paris wrote:
> On Sat, 2007-11-17 at 08:47 +1100, James Morris wrote:
> > On Fri, 16 Nov 2007, Eric Paris wrote:
> >
> > > On a kernel with CONFIG_SECURITY but without an LSM which implements
> > > security_file_mmap it is impossible for an application to mmap addresses
On Sat, 2007-11-17 at 08:47 +1100, James Morris wrote:
> On Fri, 16 Nov 2007, Eric Paris wrote:
>
> > On a kernel with CONFIG_SECURITY but without an LSM which implements
> > security_file_mmap it is impossible for an application to mmap addresses
> > lower than mmap_min_addr.
>
> Actually, shoul
On Fri, 16 Nov 2007, Eric Paris wrote:
> On a kernel with CONFIG_SECURITY but without an LSM which implements
> security_file_mmap it is impossible for an application to mmap addresses
> lower than mmap_min_addr.
Actually, should we be doing any checking in the dummy module, given that
it is not
On a kernel with CONFIG_SECURITY but without an LSM which implements
security_file_mmap it is impossible for an application to mmap addresses
lower than mmap_min_addr. Based on a suggestion from a developer in the
openwall community this patch adds a check for CAP_SYS_RAWIO. It is
assumed that an
7 matches
Mail list logo