Re: [PATCH] mm: larger stack guard gap, between vmas

From: Linus Torvalds
Date: Wed Jul 05 2017 - 19:55:26 EST

Next message: Kees Cook: "Re: [PATCH v2] mm: Add SLUB free list pointer obfuscation"
Previous message: Fenglin Wu: "Re: [PATCH V1 1/3] pinctrl: qcom: spmi-gpio: Add support for GPIO LV/MV subtype"
In reply to: Kees Cook: "Re: [PATCH] mm: larger stack guard gap, between vmas"
Next in thread: Andy Lutomirski: "Re: [PATCH] mm: larger stack guard gap, between vmas"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Jul 5, 2017 at 4:50 PM, Kees Cook <keescook@xxxxxxxxxxxx> wrote:
>
> As part of that should we put restrictions on the environment of
> set*id exec too?

I'm not seeing what sane limits you could use.

I think the concept of "reset as much of the environment to sane
things when running suid binaries" is a good concepr.

But we simply don't have any sane values to reset things to.

Linus

Next message: Kees Cook: "Re: [PATCH v2] mm: Add SLUB free list pointer obfuscation"
Previous message: Fenglin Wu: "Re: [PATCH V1 1/3] pinctrl: qcom: spmi-gpio: Add support for GPIO LV/MV subtype"
In reply to: Kees Cook: "Re: [PATCH] mm: larger stack guard gap, between vmas"
Next in thread: Andy Lutomirski: "Re: [PATCH] mm: larger stack guard gap, between vmas"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]