Re: TALPA - a threat model? well sorta.

From: Arjan van de Ven
Date: Wed Aug 13 2008 - 14:24:26 EST

Next message: H. Peter Anvin: "Re: TALPA - a threat model? well sorta."
Previous message: Eric W. Biederman: "Re: [PATCH] kexec jump: fix compiling warning on xchg(&kexec_lock, 0) in kernel_kexec()"
In reply to: Andi Kleen: "Re: TALPA - a threat model? well sorta."
Next in thread: H. Peter Anvin: "Re: TALPA - a threat model? well sorta."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, 13 Aug 2008 20:17:14 +0200
Andi Kleen <andi@xxxxxxxxxxxxxx> wrote:

>
> I would suggest again to clarify this important point first. It has
> significant impact on the whole design.

agreed.

>
> Personally I would think not protecting against root would be quite
> limiting (e.g. it would mean that e.g. if some worm trojans rpms
> people download then they wouldn't be caught because rpms are
> installed as root),

on argument could be that root apps like that could/should do explicit
scanning regardless.
(if we have an explicit interface to scan a file that's not too hard)

--
If you want to reach me at my work email, use arjan@xxxxxxxxxxxxxxx
For development, discussion and tips for power savings,
visit http://www.lesswatts.org
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: H. Peter Anvin: "Re: TALPA - a threat model? well sorta."
Previous message: Eric W. Biederman: "Re: [PATCH] kexec jump: fix compiling warning on xchg(&kexec_lock, 0) in kernel_kexec()"
In reply to: Andi Kleen: "Re: TALPA - a threat model? well sorta."
Next in thread: H. Peter Anvin: "Re: TALPA - a threat model? well sorta."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]