Re: AppArmor Security Goal

From: Andi Kleen
Date: Sat Nov 10 2007 - 16:04:53 EST

Next message: Mark Lord: "USB storage: corrupted data transfers"
Previous message: Olof Johansson: "[PATCH] [POWERPC] Fix CONFIG_SMP=n build error on ppc64"
In reply to: Crispin Cowan: "AppArmor Security Goal"
Next in thread: david: "Re: AppArmor Security Goal"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Crispin Cowan <crispin@xxxxxxxxxxxxxxxx> writes:

The document should be a good base for a merge.

> * A confined process can operate on a file descriptor passed to it
> by an unconfined process, even if it manipulates a file not in the
> confined process's profile. To block this attack, confine the
> process that passed the file descriptor.

That is the only thing that tripped me up a bit while reading the document.
Can you expand a bit on the reasons why the fd is not rechecked in
the context of the target process? Best do it in a new version of the
document.

-Andi
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Mark Lord: "USB storage: corrupted data transfers"
Previous message: Olof Johansson: "[PATCH] [POWERPC] Fix CONFIG_SMP=n build error on ppc64"
In reply to: Crispin Cowan: "AppArmor Security Goal"
Next in thread: david: "Re: AppArmor Security Goal"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]