> How much backwards compatibility do you think there should be:
>
> o Support all old binaries and make things as nice as possible, never
> return 0 instead of 65536 (this is what my patch does)
>
> o Support all old binaries, but don't worry about old binaries seeing
> weird uids/gids; you shouldn't be running any old binaries as root
> anyway
>
> o No kernel support for old binaries; leave it up to libc to do this or
> not. No sympathy for old statically linked programs.
>
> o No backwards compatibility at all.
Suggested rules:
1. Always allow 32-bit calls.
2. Always have 16-bit calls in the kernel. (see below)
3. Let unprivileged processes get garbage UID values. The software
isn't very dangerous, and it might work fine.
4. If any large UID is ever set for any process, privileged processes
must not be allowed to make any 16-bit calls. Log the problem,
stop the process, and return failure if the process continues.
5. Have a run-time config option to kill any privileged process that
tries to use a 16-bit call.
6. Have a run-time config option to allow 16-bit calls from privileged
processes that are not setuid.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/