Re: [PATCH v2] security: Yama LSM

From: Andi Kleen
Date: Wed Jun 23 2010 - 15:10:20 EST

Next message: Ryan Mallon: "Re: [RFC PATCH] Rework gpio cansleep (was Re: gpiolib and sleepinggpios)"
Previous message: Johannes Stezenbach: "Re: [ath5k-devel] [PATCH v2] ath5k: disable ASPM"
In reply to: Alan Cox: "Re: [PATCH v2] security: Yama LSM"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Jun 23, 2010 at 04:59:36PM +0100, Alan Cox wrote:
> > > I actually think this is a flaw in get_task_comm. (Though actually it's
> > > the fault of terminals if they process dangerous escape sequences. Worst
> > > case tends to just be confusing output, but that's not important --
> > > nothing should spew non-printables regardless.) Would a patch to
> > > get_task_comm be accepted to replace non-printables with "?" or something
> > > when filling the buffer?
> >
> > Probably makes sense, although you might annoy someone who wants Kanji
> > process names in UTF-8 or similar.
>
> The task name is irrelevant, user controlled information. It's not
> really ideal for use in security logging.

Yes but the pid only is normally completely useless, because nobody
knows afterwards what some old pid was.

-Andi

--
ak@xxxxxxxxxxxxxxx -- Speaking for myself only.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Ryan Mallon: "Re: [RFC PATCH] Rework gpio cansleep (was Re: gpiolib and sleepinggpios)"
Previous message: Johannes Stezenbach: "Re: [ath5k-devel] [PATCH v2] ath5k: disable ASPM"
In reply to: Alan Cox: "Re: [PATCH v2] security: Yama LSM"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]