On Thu, Dec 13, 2018 at 06:36:15PM +0100, Mickaël Salaün wrote:
> On 13/12/2018 18:13, Matthew Wilcox wrote:
> > On Thu, Dec 13, 2018 at 04:17:29PM +0100, Mickaël Salaün wrote:
> >> Adding a new syscall for this simple use case seems excessive. I think
> >
> > We have somewhat less than 400
On 13/12/2018 18:13, Matthew Wilcox wrote:
> On Thu, Dec 13, 2018 at 04:17:29PM +0100, Mickaël Salaün wrote:
>> On 13/12/2018 04:02, Matthew Wilcox wrote:
>>> On Wed, Dec 12, 2018 at 09:17:07AM +0100, Mickaël Salaün wrote:
The goal of this patch series is to control script interpretation.
On Thu, Dec 13, 2018 at 04:17:29PM +0100, Mickaël Salaün wrote:
> On 13/12/2018 04:02, Matthew Wilcox wrote:
> > On Wed, Dec 12, 2018 at 09:17:07AM +0100, Mickaël Salaün wrote:
> >> The goal of this patch series is to control script interpretation. A
> >> new O_MAYEXEC flag used by sys_open() is
On 13/12/2018 04:02, Matthew Wilcox wrote:
> On Wed, Dec 12, 2018 at 09:17:07AM +0100, Mickaël Salaün wrote:
>> The goal of this patch series is to control script interpretation. A
>> new O_MAYEXEC flag used by sys_open() is added to enable userland script
>> interpreter to delegate to the
On 13/12/2018 06:13, Florian Weimer wrote:
> * James Morris:
>
>> On Wed, 12 Dec 2018, Florian Weimer wrote:
>>
>>> * James Morris:
>>>
If you're depending on the script interpreter to flag that the user may
execute code, this seems to be equivalent in security terms to depending
[Cc'ing linux-integrity]
On Thu, 2018-12-13 at 12:26 +0100, Florian Weimer wrote:
> * Mimi Zohar:
>
> > The indication needs to be set during file open, before the open
> > returns to the caller. This is the point where ima_file_check()
> > verifies the file's signature. On failure, access to
On Thu, Dec 13, 2018 at 06:04:20AM -0500, Mimi Zohar wrote:
> > I don't have a problem with the concept, but we're running low on O_ bits.
> > Does this have to be done before the process gets a file descriptor,
> > or could we have a new syscall? Since we're going to be changing the
> >
* Mimi Zohar:
> The indication needs to be set during file open, before the open
> returns to the caller. This is the point where ima_file_check()
> verifies the file's signature. On failure, access to the file is
> denied.
Does this verification happen for open with O_PATH?
Thanks,
Florian
On Wed, 2018-12-12 at 19:02 -0800, Matthew Wilcox wrote:
> On Wed, Dec 12, 2018 at 09:17:07AM +0100, Mickaël Salaün wrote:
> > The goal of this patch series is to control script interpretation. A
> > new O_MAYEXEC flag used by sys_open() is added to enable userland script
> > interpreter to
* Matthew Wilcox:
> On Wed, Dec 12, 2018 at 09:17:07AM +0100, Mickaël Salaün wrote:
>> The goal of this patch series is to control script interpretation. A
>> new O_MAYEXEC flag used by sys_open() is added to enable userland script
>> interpreter to delegate to the kernel (and thus the system
* James Morris:
> On Wed, 12 Dec 2018, Florian Weimer wrote:
>
>> * James Morris:
>>
>> > If you're depending on the script interpreter to flag that the user may
>> > execute code, this seems to be equivalent in security terms to depending
>> > on the user. e.g. what if the user uses ptrace
On Wed, Dec 12, 2018 at 09:17:07AM +0100, Mickaël Salaün wrote:
> The goal of this patch series is to control script interpretation. A
> new O_MAYEXEC flag used by sys_open() is added to enable userland script
> interpreter to delegate to the kernel (and thus the system security
> policy) the
On Wed, 12 Dec 2018, Florian Weimer wrote:
> * James Morris:
>
> > If you're depending on the script interpreter to flag that the user may
> > execute code, this seems to be equivalent in security terms to depending
> > on the user. e.g. what if the user uses ptrace and clears O_MAYEXEC?
>
>
* James Morris:
> If you're depending on the script interpreter to flag that the user may
> execute code, this seems to be equivalent in security terms to depending
> on the user. e.g. what if the user uses ptrace and clears O_MAYEXEC?
The argument I've heard is this: Using ptrace (and adding
On Wed, 12 Dec 2018, Mickaël Salaün wrote:
> Hi,
>
> The goal of this patch series is to control script interpretation. A
> new O_MAYEXEC flag used by sys_open() is added to enable userland script
> interpreter to delegate to the kernel (and thus the system security
> policy) the permission to
On 12/12/2018 at 17:29, Jordan Glover wrote:
> On Wednesday, December 12, 2018 9:17 AM, Mickaël Salaün
> wrote:
>
>> Hi,
>>
>> The goal of this patch series is to control script interpretation. A
>> new O_MAYEXEC flag used by sys_open() is added to enable userland script
>> interpreter to
On Wednesday, December 12, 2018 9:17 AM, Mickaël Salaün
wrote:
> Hi,
>
> The goal of this patch series is to control script interpretation. A
> new O_MAYEXEC flag used by sys_open() is added to enable userland script
> interpreter to delegate to the kernel (and thus the system security
>