Re: [PATCH] ptrace: allow restriction of ptrace scope

From: James Morris
Date: Thu Jun 17 2010 - 19:04:49 EST

Next message: David Rientjes: "Re: [PATCH] kbuild: Clean up and speed up the localversion logic"
Previous message: Michael Neuling: "Re: [tip:sched/core] sched: Fix capacity calculations for SMT4"
In reply to: Alan Cox: "Re: [PATCH] ptrace: allow restriction of ptrace scope"
Next in thread: Casey Schaufler: "Re: [PATCH] ptrace: allow restriction of ptrace scope"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, 17 Jun 2010, Alan Cox wrote:

> - You can put it together as a security module - which will make people
> happy and get your stuff upstream. After that you can have a meaningful
> discussion about stacking

It think this approach is worth pursuing, so that we can also see what's
there, and determine if there is a need for some form of stacking, or
whether we can consolidate some of this into library code which the
various LSMs utilize.

People who don't want to run SELinux / AppArmor / Smack / TOMOYO etc., run
can still get some protection.

- James
--
James Morris
<jmorris@xxxxxxxxx>
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: David Rientjes: "Re: [PATCH] kbuild: Clean up and speed up the localversion logic"
Previous message: Michael Neuling: "Re: [tip:sched/core] sched: Fix capacity calculations for SMT4"
In reply to: Alan Cox: "Re: [PATCH] ptrace: allow restriction of ptrace scope"
Next in thread: Casey Schaufler: "Re: [PATCH] ptrace: allow restriction of ptrace scope"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]