From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1754330Ab2KZHJj (ORCPT ); Mon, 26 Nov 2012 02:09:39 -0500 Received: from mx1.redhat.com ([209.132.183.28]:42058 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1754228Ab2KZHJi (ORCPT ); Mon, 26 Nov 2012 02:09:38 -0500 Date: Mon, 26 Nov 2012 12:39:33 +0530 (IST) From: P J P X-X-Sender: pjp@javelin.pnq.redhat.com cc: linux-kernel@vger.kernel.org Subject: Re: [PATCH] exec: do not leave bprm->interp on stack In-Reply-To: Message-ID: References: <20121024232032.GA31129@www.outflux.net> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII To: unlisted-recipients:; (no To-header on input) Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org +-- On Sat, 24 Nov 2012, Kees Cook wrote --+ | Well, "ever" meaning "if depth is hit, always fail out", yes. This is | intentional. We do not want to attempt module loading if we hit a recursion | limit. Ah yes, that's right! Thanks so much! :) -- Prasad J Pandit / Red Hat Security Response Team DB7A 84C5 D3F9 7CD1 B5EB C939 D048 7860 3655 602B