From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S933164AbcIUJk7 (ORCPT ); Wed, 21 Sep 2016 05:40:59 -0400 Received: from mail-wm0-f44.google.com ([74.125.82.44]:36273 "EHLO mail-wm0-f44.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751736AbcIUJk5 (ORCPT ); Wed, 21 Sep 2016 05:40:57 -0400 Subject: Re: [PATCH] pty: make ptmx file ops read-only after init To: Kees Cook , One Thousand Gnomes References: <20160908223558.GA11742@www.outflux.net> <43f1953c-d8a3-647f-20eb-bec4898e1b8e@suse.cz> <20160914150416.2d938c60@lxorguk.ukuu.org.uk> Cc: Greg Kroah-Hartman , "kernel-hardening@lists.openwall.com" , LKML From: Jiri Slaby Message-ID: Date: Wed, 21 Sep 2016 11:40:54 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.3.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 09/14/2016, 06:17 PM, Kees Cook wrote: > Correct, this is a continuing effort to reduce the internal attack > surface of the kernel, where one of the most common exploitation > methods is overwriting function pointers. > > Some examples of attacks and mitigations are here: > http://kernsec.org/wiki/index.php/Exploit_Methods/Function_pointer_overwrite > > While this patch isn't a huge change, it's still a viable candidate. I > send these as I notice them, and hope that other folks will start to > see these opportunities and send more patches too. :) I didn't object to the patch. I could imagine the use case. But putting the idea to the commit message would have made it clear. thanks, -- js suse labs