Re: [TOMOYO 5/9] Memory and pathname management functions.

From: Pavel Machek
Date: Thu Jun 21 2007 - 14:22:25 EST


Hi!

> >> It's really not worth getting bothered by. Truth is, big
> >> giant
> >> pathnames break lots of stuff already, both kernel and
> >> userspace.
> >
> >> Just look in /proc for some nice juicy kernel breakage:
> >> cwd, exe, fd/*, maps, mounts, mountstats, root, smaps
> >
> >Well, but we should be fixing that, not adding more. And /proc is
> >info-only, while this is security related code.
>
> Security tools read from /proc, so /proc is security-related.

If some tool relies on pathnames in /proc, that tool is broken... as
is /proc. We should be fixing that.

> The limit imposed by TOMOYO (or AppArmor) is fine,
> despite being security-related. It just needs to fail in

It is not "fine", but maybe it will not get us a bugtraq posting.
Pavel
--
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/