Re: [RFC][PATCH v3] Unprivileged: Disable raising of privileges

From: Alan Cox
Date: Wed Dec 30 2009 - 16:29:19 EST

Next message: Andrew Morton: "Re: kprobes: get rid of distinct type warning"
Previous message: Rafael J. Wysocki: "Re: [Bug #14630] sched_rt_periodic_timer vs cpu hotplug"
In reply to: Eric W. Biederman: "[RFC][PATCH v3] Unprivileged: Disable raising of privileges"
Next in thread: Eric W. Biederman: "Re: [RFC][PATCH v3] Unprivileged: Disable raising of privileges"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> Added bprm->nosuid to make remove the need to add
> duplicate error prone checks. This ensures that
> the disabling of suid executables is exactly the
> same as MNT_NOSUID.

Another fine example of why we have security hooks so that we don't get a
kernel full of other "random security idea of the day" hacks.

Alan
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Andrew Morton: "Re: kprobes: get rid of distinct type warning"
Previous message: Rafael J. Wysocki: "Re: [Bug #14630] sched_rt_periodic_timer vs cpu hotplug"
In reply to: Eric W. Biederman: "[RFC][PATCH v3] Unprivileged: Disable raising of privileges"
Next in thread: Eric W. Biederman: "Re: [RFC][PATCH v3] Unprivileged: Disable raising of privileges"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]