From: Cyrill Gorcunov <gorcunov@openvz.org>
To: Andrew Morton <akpm@linux-foundation.org>
Cc: richard -rw- weinberger <richard.weinberger@gmail.com>,
	LKML <linux-kernel@vger.kernel.org>,
	Oleg Nesterov <oleg@redhat.com>,
	KOSAKI Motohiro <kosaki.motohiro@jp.fujitsu.com>,
	Pavel Emelyanov <xemul@parallels.com>,
	Kees Cook <keescook@chromium.org>, Tejun Heo <tj@kernel.org>,
	Matt Helsley <matthltc@us.ibm.com>
Subject: Re: [patch 1/2] c/r: prctl: Add ability to set new mm_struct::exe_file
Date: Tue, 20 Mar 2012 02:50:20 +0400
Message-ID: <20120319225020.GL19594@moon>
In-Reply-To: <20120319154649.0687f545.akpm@linux-foundation.org>

On Mon, Mar 19, 2012 at 03:46:49PM -0700, Andrew Morton wrote:
> 
> Please send a patch with the updated changelog and improved comment?

Sure I'll resend.

> 
> > >
> > > Actually I liked multi-shot version more but Matt's arguments convinced
> > > me that one-shot fashion is more "secure" in terms of overall kernel
> > > state and potential transitions/changes of this /proc/pid/exe symlink.
> > >
> > > At least with one-shot version the admin may be sure that the symlink
> > > is never changed more than once, ever.
> > >
> > 
> > And changing it once does not harm security?
> > I'm sure that rootkit writers will like this feature...
> 
> Well, let's discuss this more completely.  In what ways could an
> attacker use this?  How serious is the problem?  What actions can be
> taken to lessen it?  etcetera.

It can use it iff CAP_SYS_RESOURCE is granted.
Otherwise you'll get -eaccess.

	Cyrill
