Re: Linux Security *Module* Framework (Was: LSM conversion to static interface)

On Oct 24, 2007, at 17:37:04, Serge E. Hallyn wrote:

The scariest thing to consider is programs which don'tappropriately handle failure. So I don't know, maybe the systemruns a remote logger to which the multiadm policy gives some extraprivs, but now the portac module prevents it from sending itsdata. And maybe, since the authors never saw this failure aspossible, the program happens to dump sensitive data in a publicreadable place. I *could* be more vague but it'd be tough :) Butyou get the idea.

Well, there *was* that problem with sendmail where it did notproperly check the result of setuid() and just assumed it hadsucceeded. So instead of running as "smtpd" it was running as"root". Not a happy memory.


Cheers,
Kyle Moffett

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

References:
- Re: LSM conversion to static interface [revert patch]
  - From: Chris Wright <[email protected]>
- Re: LSM conversion to static interface [revert patch]
  - From: Jeremy Fitzhardinge <[email protected]>
- Re: LSM conversion to static interface [revert patch]
  - From: Arjan van de Ven <[email protected]>
- Linux Security *Module* Framework (Was: LSM conversion to static interface
  - From: "Simon Arlott" <[email protected]>
- Re: Linux Security *Module* Framework (Was: LSM conversion to static interface
  - From: Adrian Bunk <[email protected]>
- Re: Linux Security *Module* Framework (Was: LSM conversion to static interface)
  - From: Simon Arlott <[email protected]>
- Re: Linux Security *Module* Framework (Was: LSM conversion to static interface)
  - From: Jan Engelhardt <[email protected]>
- Re: Linux Security *Module* Framework (Was: LSM conversion to static interface)
  - From: Simon Arlott <[email protected]>
- Re: Linux Security *Module* Framework (Was: LSM conversion to static interface)
  - From: Jan Engelhardt <[email protected]>
- Re: Linux Security *Module* Framework (Was: LSM conversion to static interface)
  - From: "David P. Quigley" <[email protected]>
- Re: Linux Security *Module* Framework (Was: LSM conversion to static interface)
  - From: "Serge E. Hallyn" <[email protected]>

Prev by Date: Re: Is gcc thread-unsafe?
Next by Date: Re: [Fwd: [PATCH 3/5] Export acpi_check_resource_conflict]
Previous by thread: Re: Linux Security *Module* Framework (Was: LSM conversion to static interface)
Next by thread: Re: Linux Security *Module* Framework (Was: LSM conversion to static interface)
Index(es):
- Date
- Thread

[Index of Archives] [Kernel Newbies] [Netfilter] [Bugtraq] [Photo] [Stuff] [Gimp] [Yosemite News] [MIPS Linux] [ARM Linux] [Linux Security] [Linux RAID] [Video 4 Linux] [Linux for the blind] [Linux Resources]