Re: [PATCH] Undo some of the pseudo-security madness
From: Samium Gromoff
Date: Sat Jan 20 2007 - 11:12:28 EST
At Sat, 20 Jan 2007 17:37:22 +0300,
Samium Gromoff wrote:
[snip]
> So, here we have a buffer-overflow protection technique, which does not
> actually protect against buffer overflows[1], breaking valid applications.
>
> I suggest getting rid of it.
i botched it slightly:
--- linux/include/linux/personality.h 2007-01-20 17:31:01.000000000 +0300
+++ linux-sane/include/linux/personality.h 2007-01-20 17:32:50.000000000 +0300
@@ -40,7 +40,7 @@
* Security-relevant compatibility flags that must be
* cleared upon setuid or setgid exec:
*/
-#define PER_CLEAR_ON_SETID (READ_IMPLIES_EXEC|ADDR_NO_RANDOMIZE)
+#define PER_CLEAR_ON_SETID (READ_IMPLIES_EXEC)
Signed-off-by: Samium Gromoff <_deepfire@xxxxxxxxxxxxxxxxx>
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/