Re: [PATCH 3/7] SLIM main patch

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, 2006-08-23 at 16:41 -0400, Benjamin LaHaise wrote:
> On Wed, Aug 23, 2006 at 01:35:56PM -0700, Kylene Jo Hall wrote:
> > Example: The current process is running at the USER level and writing to
> > a USER file in /home/user/.  The process then attempts to read an
> > UNTRUSTED file.  The current process will become UNTRUSTED and the read
> > allowed to proceed but first write access to all USER files is revoked
> > including the ones it has open.
> 
> Don't threads share file tables?  What is preventing malicious code from 
> starting another thread which continues writing to the file that the 
> revoke attempt is made on?

Well if they do share file tables then revoking write access from the
file in the file table will revoke access for all threads.  It looks
like sharing or copying the file table is based on a flag to the clone
call and we are looking into whether you could exploit that situation.

Thanks,
Kylie
> 
> 		-ben

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Stuff]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]     [Linux Resources]
  Powered by Linux