Re: [PATCH] pty: make ptmx file ops read-only after init

From: Jiri Slaby
Date: Wed Sep 21 2016 - 05:41:11 EST

Next message: Daniel Walter: "[PATCH v2 00/46] Nandsim facelift (part I of II)"
Previous message: Viresh Kumar: "[PATCH 2/2] PM / OPP: Multiple regulators aren't supported yet"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 09/14/2016, 06:17 PM, Kees Cook wrote:
> Correct, this is a continuing effort to reduce the internal attack
> surface of the kernel, where one of the most common exploitation
> methods is overwriting function pointers.
>
> Some examples of attacks and mitigations are here:
> http://kernsec.org/wiki/index.php/Exploit_Methods/Function_pointer_overwrite
>
> While this patch isn't a huge change, it's still a viable candidate. I
> send these as I notice them, and hope that other folks will start to
> see these opportunities and send more patches too. :)

I didn't object to the patch. I could imagine the use case. But putting
the idea to the commit message would have made it clear.

thanks,
--
js
suse labs

Next message: Daniel Walter: "[PATCH v2 00/46] Nandsim facelift (part I of II)"
Previous message: Viresh Kumar: "[PATCH 2/2] PM / OPP: Multiple regulators aren't supported yet"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]