Re: [PATCH v1 1/1] Add Trusted Path Execution as a stackable LSM

> | A trusted path is one that is inside is a root owned directory that > | is not group or world writable. /bin, /usr/bin, /usr/local/bin, are > | (under normal circumstances) considered trusted. Any non-root > | users home directory is not trusted, nor is /tmp. You need the entire path to be

Re: [PATCH v1 1/1] Add Trusted Path Execution as a stackable LSM

> | A trusted path is one that is inside is a root owned directory that > | is not group or world writable. /bin, /usr/bin, /usr/local/bin, are > | (under normal circumstances) considered trusted. Any non-root > | users home directory is not trusted, nor is /tmp. You need the entire path to be

Re: [kernel-hardening] [PATCH v1 1/1] Add Trusted Path Execution as a stackable LSM

As was pointed out to me, the first grsecurity's implementation of TPE date back to earlier days (before Git was used for Linux): https://github.com/linux-scraping/grsecurity-patches/blob/master/grsec-2.4.5/grsecurity-1.4-LIDS-2.4.5.patch There seem to be multiple implementations inspired by the

Re: [kernel-hardening] [PATCH v1 1/1] Add Trusted Path Execution as a stackable LSM

As was pointed out to me, the first grsecurity's implementation of TPE date back to earlier days (before Git was used for Linux): https://github.com/linux-scraping/grsecurity-patches/blob/master/grsec-2.4.5/grsecurity-1.4-LIDS-2.4.5.patch There seem to be multiple implementations inspired by the

Re: [kernel-hardening] [PATCH v1 1/1] Add Trusted Path Execution as a stackable LSM

Hi, If you want to get some information about the history of TPE in grsecurity, take a look at https://github.com/linux-scraping/linux-grsecurity/ and run git log grsecurity/grsec_tpe.c Here are some links about TPE (before grsecurity used it): * http://phrack.org/issues/52/6.html#article *

Re: [kernel-hardening] [PATCH v1 1/1] Add Trusted Path Execution as a stackable LSM

Hi, If you want to get some information about the history of TPE in grsecurity, take a look at https://github.com/linux-scraping/linux-grsecurity/ and run git log grsecurity/grsec_tpe.c Here are some links about TPE (before grsecurity used it): * http://phrack.org/issues/52/6.html#article *

Re: [kernel-hardening] Re: [PATCH v1 1/1] Add Trusted Path Execution as a stackable LSM

On 06/04/2017 01:47 AM, Eric Biggers wrote: On Sun, Jun 04, 2017 at 01:24:13AM -0400, Matt Brown wrote: On 06/03/2017 02:33 AM, Al Viro wrote: On Sat, Jun 03, 2017 at 01:53:51AM -0400, Matt Brown wrote: +static int tpe_bprm_set_creds(struct linux_binprm *bprm) +{ + struct file *file =

Re: [kernel-hardening] Re: [PATCH v1 1/1] Add Trusted Path Execution as a stackable LSM

On 06/04/2017 01:47 AM, Eric Biggers wrote: On Sun, Jun 04, 2017 at 01:24:13AM -0400, Matt Brown wrote: On 06/03/2017 02:33 AM, Al Viro wrote: On Sat, Jun 03, 2017 at 01:53:51AM -0400, Matt Brown wrote: +static int tpe_bprm_set_creds(struct linux_binprm *bprm) +{ + struct file *file =

Re: [PATCH v1 1/1] Add Trusted Path Execution as a stackable LSM

On Sun, Jun 04, 2017 at 01:24:13AM -0400, Matt Brown wrote: > On 06/03/2017 02:33 AM, Al Viro wrote: > > On Sat, Jun 03, 2017 at 01:53:51AM -0400, Matt Brown wrote: > > > > > +static int tpe_bprm_set_creds(struct linux_binprm *bprm) > > > +{ > > > + struct file *file = bprm->file; > > > + struct

Re: [PATCH v1 1/1] Add Trusted Path Execution as a stackable LSM

On Sun, Jun 04, 2017 at 01:24:13AM -0400, Matt Brown wrote: > On 06/03/2017 02:33 AM, Al Viro wrote: > > On Sat, Jun 03, 2017 at 01:53:51AM -0400, Matt Brown wrote: > > > > > +static int tpe_bprm_set_creds(struct linux_binprm *bprm) > > > +{ > > > + struct file *file = bprm->file; > > > + struct

Re: [kernel-hardening] Re: [PATCH v1 1/1] Add Trusted Path Execution as a stackable LSM

On Sun, Jun 04, 2017 at 01:24:13AM -0400, Matt Brown wrote: > On 06/03/2017 02:33 AM, Al Viro wrote: > > On Sat, Jun 03, 2017 at 01:53:51AM -0400, Matt Brown wrote: > > > > > +static int tpe_bprm_set_creds(struct linux_binprm *bprm) > > > +{ > > > + struct file *file = bprm->file; > > > + struct

Re: [kernel-hardening] Re: [PATCH v1 1/1] Add Trusted Path Execution as a stackable LSM

On Sun, Jun 04, 2017 at 01:24:13AM -0400, Matt Brown wrote: > On 06/03/2017 02:33 AM, Al Viro wrote: > > On Sat, Jun 03, 2017 at 01:53:51AM -0400, Matt Brown wrote: > > > > > +static int tpe_bprm_set_creds(struct linux_binprm *bprm) > > > +{ > > > + struct file *file = bprm->file; > > > + struct

Re: [PATCH v1 1/1] Add Trusted Path Execution as a stackable LSM

On 06/03/2017 02:33 AM, Al Viro wrote: On Sat, Jun 03, 2017 at 01:53:51AM -0400, Matt Brown wrote: +static int tpe_bprm_set_creds(struct linux_binprm *bprm) +{ + struct file *file = bprm->file; + struct inode *inode = d_backing_inode(file->f_path.dentry->d_parent); + struct

Re: [PATCH v1 1/1] Add Trusted Path Execution as a stackable LSM

On 06/03/2017 02:33 AM, Al Viro wrote: On Sat, Jun 03, 2017 at 01:53:51AM -0400, Matt Brown wrote: +static int tpe_bprm_set_creds(struct linux_binprm *bprm) +{ + struct file *file = bprm->file; + struct inode *inode = d_backing_inode(file->f_path.dentry->d_parent); + struct

Re: [kernel-hardening] [PATCH v1 1/1] Add Trusted Path Execution as a stackable LSM

On 06/03/2017 06:39 AM, Jann Horn wrote: On Sat, Jun 3, 2017 at 7:53 AM, Matt Brown wrote: This patch was modified from Brad Spengler's Trusted Path Execution (TPE) feature in Grsecurity and also incorporates logging ideas from cormander's tpe-lkm. Modifications from the

Re: [kernel-hardening] [PATCH v1 1/1] Add Trusted Path Execution as a stackable LSM

On 06/03/2017 06:39 AM, Jann Horn wrote: On Sat, Jun 3, 2017 at 7:53 AM, Matt Brown wrote: This patch was modified from Brad Spengler's Trusted Path Execution (TPE) feature in Grsecurity and also incorporates logging ideas from cormander's tpe-lkm. Modifications from the Grsecurity

Re: [kernel-hardening] [PATCH v1 1/1] Add Trusted Path Execution as a stackable LSM

On Sat, Jun 3, 2017 at 7:53 AM, Matt Brown wrote: > This patch was modified from Brad Spengler's Trusted Path Execution (TPE) > feature in Grsecurity and also incorporates logging ideas from > cormander's tpe-lkm. > > Modifications from the Grsecurity implementation of TPE were

Re: [kernel-hardening] [PATCH v1 1/1] Add Trusted Path Execution as a stackable LSM

On Sat, Jun 3, 2017 at 7:53 AM, Matt Brown wrote: > This patch was modified from Brad Spengler's Trusted Path Execution (TPE) > feature in Grsecurity and also incorporates logging ideas from > cormander's tpe-lkm. > > Modifications from the Grsecurity implementation of TPE were made to > turn it

Re: [PATCH v1 1/1] Add Trusted Path Execution as a stackable LSM

On Sat, Jun 03, 2017 at 01:53:51AM -0400, Matt Brown wrote: > +static int tpe_bprm_set_creds(struct linux_binprm *bprm) > +{ > + struct file *file = bprm->file; > + struct inode *inode = d_backing_inode(file->f_path.dentry->d_parent); > + struct inode *file_inode =

Re: [PATCH v1 1/1] Add Trusted Path Execution as a stackable LSM

On Sat, Jun 03, 2017 at 01:53:51AM -0400, Matt Brown wrote: > +static int tpe_bprm_set_creds(struct linux_binprm *bprm) > +{ > + struct file *file = bprm->file; > + struct inode *inode = d_backing_inode(file->f_path.dentry->d_parent); > + struct inode *file_inode =

[PATCH v1 1/1] Add Trusted Path Execution as a stackable LSM

This patch was modified from Brad Spengler's Trusted Path Execution (TPE) feature in Grsecurity and also incorporates logging ideas from cormander's tpe-lkm. Modifications from the Grsecurity implementation of TPE were made to turn it into a stackable LSM using the existing LSM hook

[PATCH v1 1/1] Add Trusted Path Execution as a stackable LSM

This patch was modified from Brad Spengler's Trusted Path Execution (TPE) feature in Grsecurity and also incorporates logging ideas from cormander's tpe-lkm. Modifications from the Grsecurity implementation of TPE were made to turn it into a stackable LSM using the existing LSM hook