Re: Why Ext2/3 needs immutable attribute?

From: Bernd Eckenfels
Date: Sun Apr 17 2005 - 20:55:57 EST

Next message: Dave Jones: "Re: [2.6 patch] remove cifs_kcalloc"
Previous message: Adrian Bunk: "[2.6 patch] remove cifs_kcalloc"
In reply to: Xin Zhao: "Re: Why Ext2/3 needs immutable attribute?"
Next in thread: Bernd Eckenfels: "Re: Why Ext2/3 needs immutable attribute?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sun, Apr 17, 2005 at 07:48:50PM -0400, Xin Zhao wrote:
> any kernel level protection, including
> SELinux, could be disabled after the kernel is compromised. Am I
> missing some points here?

No, Immutable bit is an application of capabilities (or securelevel), you
are right.

If the kernel is compromised, the kernel is compromised. However immutable
bit can make it hard to circumvent kernel's protetion, even for root
attackers

Gruss
Bernd
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Dave Jones: "Re: [2.6 patch] remove cifs_kcalloc"
Previous message: Adrian Bunk: "[2.6 patch] remove cifs_kcalloc"
In reply to: Xin Zhao: "Re: Why Ext2/3 needs immutable attribute?"
Next in thread: Bernd Eckenfels: "Re: Why Ext2/3 needs immutable attribute?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]