On Tue, 26 Jun 2007, Rik van Riel wrote:
> SUID programs should not be able to use this feature,
> either.
Why? A SUID programs runs under the UID of the owner, and should be no
problems in it seeing the owners data.
But the patch post was more a quest for possible scenarios where the use
of MAP_NOZERO can result in lower security WRT the same program (under the
same security restrictions) not using such feature.
If you have something specific in mind, please go ahead and shoot.
> > When pages exit (unmapped from) a vma, they are marked with the effective
> > UID of the mm_struct that owns it.
>
>
> > --- linux-2.6.mod.orig/include/linux/mm_types.h 2007-06-21
> > 14:02:06.000000000 -0700
> > +++ linux-2.6.mod/include/linux/mm_types.h 2007-06-25 19:11:22.000000000
> > -0700
> > @@ -64,6 +64,7 @@
> > struct list_head lru; /* Pageout list, eg. active_list
> > * protected by zone->lru_lock !
> > */
> > + int owner_uid; /* Last owner of the page */
> > /*
> > * On machines where all RAM is mapped into kernel address space,
> > * we can simply calculate the virtual address. On machines with
>
> Since this is only set when the page is freed, could
> the owner_uid and security context be put inside a
> union with some fields that are not otherwise used
> for free pages?
I tried to look, and the attempt to reuse _mapcount failed miserably :)
The last time we have the owner info (vma->mm) available, is before
processing of the other fields ends. OTOH I'm not VM guru either, so I may
be wrong. It can share ->virtual (when enabled).
- Davide
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]