Re: mprotect abuse in slim

SLIM implements dynamic process labels, so when a process
is demoted, we must be able to revoke write access to some
resources to which it has previously valid handles.
For example, if a shell reads an untrusted file, the
shell is demoted, and write access to more trusted files
revoked. Based on previous comments on lkml, we understand
that this is not really possible in general, so SLIM only
attempts to revoke access in certain simple cases.

Starting with the fdtable, would it help if we move the 
fdtable tweaking out of slim itself and into helpers?  Or
can you recommend another way to implement this functionality.

Mimi Zohar


-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

---

• Follow-Ups:
  • Re: mprotect abuse in slim
    • From: Pavel Machek <[email protected]>
  • Re: mprotect abuse in slim
    • From: [email protected]
  • Re: mprotect abuse in slim
    • From: Arjan van de Ven <[email protected]>

• References:
  • mprotect abuse in slim
    • From: Christoph Hellwig <[email protected]>

• Prev by Date: Re: [PATCH 4/4] x86_64 ioapic: Improve the heuristics for when check_timer fails.
• Next by Date: Re: [PATCH] include/linux/slab.h: new KFREE() macro.
• Previous by thread: mprotect abuse in slim
• Next by thread: Re: mprotect abuse in slim
• Index(es):
  • Date
  • Thread

[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Stuff]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]     [Linux Resources]