Re: thoughts on kernel security issues

[Chris Wright]

* Linus Torvalds (torvalds@xxxxxxxx) wrote:
> On Thu, 13 Jan 2005, Alan Cox wrote:
> >
> > On Iau, 2005-01-13 at 16:38, Linus Torvalds wrote:
> > > It wouldn't be a global flag. It's a per-process flag. For example, many 
> > > people _do_ need to execute binaries in their home directory. I do it all 
> > > the time. I know what a compiler is.
> > 
> > noexec has never been worth anything because of scripts. Kernel won't
> > load that binary, I can write a script to do it.
> 
> Scripts can only do what the interpreter does. And it's often a lot harder
> to get the interpreter to do certain things. For example, you simply
> _cannot_ get any thread race conditions with most scripts out there, nor 
> can you generally use magic mmap patterns.

I think perl has threads and some type of free form syscall ability.
Heck, with a legit elf binary and gdb you can get a long ways.  But I
agree in two things.  1) It's all about layers, since there is no silver
bullet, and 2) Containment goes a long ways to mitigate damage.

thanks,
-chris
-- 
Linux Security Modules     http://lsm.immunix.org     http://lsm.bkbits.net
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/