Re: [PATCH] [SECURITY] suid procs exec'd with bad 0,1,2 fds

Alan Cox (alan@lxorguk.ukuu.org.uk)
Tue, 4 Aug 1998 10:21:13 +0100 (BST)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Peter T. Breuer: "Re: !!Warning!! UDMA and Fujitsu HD"
Previous message: Christian Viken: "Re: Linux 2.1.x IDE/ATAPI CDROM support"
Next in thread: Peter T. Breuer: "Re: [PATCH] [SECURITY] suid procs exec'd with bad 0,1,2 fds"
Reply: Peter T. Breuer: "Re: [PATCH] [SECURITY] suid procs exec'd with bad 0,1,2 fds"
Reply: Horst von Brand: "Re: [PATCH] [SECURITY] suid procs exec'd with bad 0,1,2 fds"

On Mon, 3 Aug 1998, David S. Miller wrote:

> We had an issue like this last year, where someone tried to kill
> security exploits by putting a monkey wrench into the kernel
> (I'm refereing to the non-executable stack patches). That change
> didn't go in, and we're still alive today.

Actually a _lot_ of people run the non-excutable stack and related
patches. They don't break anything, they stop a lot of the "I read bugtraq
before my sysadmin" type cracks and the like

There _is_ a definite case for

CONFIG_SECURITY
CONFIG_SECURITY_NONEXECSTACK
CONFIG_SECURITY_TRUSTEDPATH

etc.. either in the main tree - or as now as a collection .

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.altern.org/andrebalsa/doc/lkml-faq.html

Next message: Peter T. Breuer: "Re: !!Warning!! UDMA and Fujitsu HD"
Previous message: Christian Viken: "Re: Linux 2.1.x IDE/ATAPI CDROM support"
Next in thread: Peter T. Breuer: "Re: [PATCH] [SECURITY] suid procs exec'd with bad 0,1,2 fds"
Reply: Peter T. Breuer: "Re: [PATCH] [SECURITY] suid procs exec'd with bad 0,1,2 fds"
Reply: Horst von Brand: "Re: [PATCH] [SECURITY] suid procs exec'd with bad 0,1,2 fds"