subject:"\[RFC\] Restrict writes into untrusted FIFOs and regular files"

Re: [RFC] Restrict writes into untrusted FIFOs and regular files

2017-09-19 Thread Solar Designer

On Tue, Sep 19, 2017 at 06:06:15PM +0200, Salvatore Mesoraca wrote: > 2017-09-19 2:37 GMT+02:00 Solar Designer : > > On Mon, Sep 18, 2017 at 02:00:50PM -0700, Kees Cook wrote: > >> On Fri, Sep 15, 2017 at 1:43 AM, Salvatore Mesoraca > >> wrote: > >> >

Re: [RFC] Restrict writes into untrusted FIFOs and regular files

2017-09-19 Thread Solar Designer

On Tue, Sep 19, 2017 at 06:06:15PM +0200, Salvatore Mesoraca wrote: > 2017-09-19 2:37 GMT+02:00 Solar Designer : > > On Mon, Sep 18, 2017 at 02:00:50PM -0700, Kees Cook wrote: > >> On Fri, Sep 15, 2017 at 1:43 AM, Salvatore Mesoraca > >> wrote: > >> > +protected_regular_files: > >> > + > >> >

Re: [RFC] Restrict writes into untrusted FIFOs and regular files

2017-09-19 Thread Salvatore Mesoraca

2017-09-19 2:37 GMT+02:00 Solar Designer : > On Mon, Sep 18, 2017 at 02:00:50PM -0700, Kees Cook wrote: >> On Fri, Sep 15, 2017 at 1:43 AM, Salvatore Mesoraca >> wrote: >> > The purpose is to make data spoofing attacks harder. >> >> Do you have any

Re: [RFC] Restrict writes into untrusted FIFOs and regular files

2017-09-19 Thread Salvatore Mesoraca

2017-09-19 2:37 GMT+02:00 Solar Designer : > On Mon, Sep 18, 2017 at 02:00:50PM -0700, Kees Cook wrote: >> On Fri, Sep 15, 2017 at 1:43 AM, Salvatore Mesoraca >> wrote: >> > The purpose is to make data spoofing attacks harder. >> >> Do you have any examples of attacks (CVEs, blog posts, etc)

Re: [RFC] Restrict writes into untrusted FIFOs and regular files

2017-09-19 Thread Salvatore Mesoraca

2017-09-18 23:00 GMT+02:00 Kees Cook : > On Fri, Sep 15, 2017 at 1:43 AM, Salvatore Mesoraca > wrote: >> Disallows writing into FIFOs or regular files not owned by the user >> in world writable sticky directories, unless the owner is the same as >>

Re: [RFC] Restrict writes into untrusted FIFOs and regular files

2017-09-19 Thread Salvatore Mesoraca

2017-09-18 23:00 GMT+02:00 Kees Cook : > On Fri, Sep 15, 2017 at 1:43 AM, Salvatore Mesoraca > wrote: >> Disallows writing into FIFOs or regular files not owned by the user >> in world writable sticky directories, unless the owner is the same as >> that of the directory or the file is opened

Re: [RFC] Restrict writes into untrusted FIFOs and regular files

2017-09-18 Thread Solar Designer

On Mon, Sep 18, 2017 at 02:00:50PM -0700, Kees Cook wrote: > On Fri, Sep 15, 2017 at 1:43 AM, Salvatore Mesoraca > wrote: > > The purpose is to make data spoofing attacks harder. > > Do you have any examples of attacks (CVEs, blog posts, etc) that you > could link to in

Re: [RFC] Restrict writes into untrusted FIFOs and regular files

2017-09-18 Thread Solar Designer

On Mon, Sep 18, 2017 at 02:00:50PM -0700, Kees Cook wrote: > On Fri, Sep 15, 2017 at 1:43 AM, Salvatore Mesoraca > wrote: > > The purpose is to make data spoofing attacks harder. > > Do you have any examples of attacks (CVEs, blog posts, etc) that you > could link to in this commit? I doubt

Re: [RFC] Restrict writes into untrusted FIFOs and regular files

2017-09-18 Thread Kees Cook

On Fri, Sep 15, 2017 at 1:43 AM, Salvatore Mesoraca wrote: > Disallows writing into FIFOs or regular files not owned by the user > in world writable sticky directories, unless the owner is the same as > that of the directory or the file is opened without the O_CREAT flag.

Re: [RFC] Restrict writes into untrusted FIFOs and regular files

2017-09-18 Thread Kees Cook

On Fri, Sep 15, 2017 at 1:43 AM, Salvatore Mesoraca wrote: > Disallows writing into FIFOs or regular files not owned by the user > in world writable sticky directories, unless the owner is the same as > that of the directory or the file is opened without the O_CREAT flag. Thanks for working on

[RFC] Restrict writes into untrusted FIFOs and regular files

2017-09-15 Thread Salvatore Mesoraca

Disallows writing into FIFOs or regular files not owned by the user in world writable sticky directories, unless the owner is the same as that of the directory or the file is opened without the O_CREAT flag. The purpose is to make data spoofing attacks harder. This protection can be turned on and

[RFC] Restrict writes into untrusted FIFOs and regular files

2017-09-15 Thread Salvatore Mesoraca

Disallows writing into FIFOs or regular files not owned by the user in world writable sticky directories, unless the owner is the same as that of the directory or the file is opened without the O_CREAT flag. The purpose is to make data spoofing attacks harder. This protection can be turned on and

Re: [RFC] Restrict writes into untrusted FIFOs and regular files

Re: [RFC] Restrict writes into untrusted FIFOs and regular files

Re: [RFC] Restrict writes into untrusted FIFOs and regular files

Re: [RFC] Restrict writes into untrusted FIFOs and regular files

Re: [RFC] Restrict writes into untrusted FIFOs and regular files

Re: [RFC] Restrict writes into untrusted FIFOs and regular files

Re: [RFC] Restrict writes into untrusted FIFOs and regular files

Re: [RFC] Restrict writes into untrusted FIFOs and regular files

Re: [RFC] Restrict writes into untrusted FIFOs and regular files

Re: [RFC] Restrict writes into untrusted FIFOs and regular files

[RFC] Restrict writes into untrusted FIFOs and regular files

[RFC] Restrict writes into untrusted FIFOs and regular files

12 matches

Site Navigation

Mail list logo

Footer information