Re: [RFC][PATCH v3] Unprivileged: Disable raising of privileges

From: David Wagner
Date: Thu Dec 31 2009 - 12:55:35 EST

Next message: Rafael J. Wysocki: "Re: [origin tree build failure] Re: [git pull] PCI fixes"
Previous message: Serge E. Hallyn: "Re: [RFC][PATCH v3] Unprivileged: Disable raising of privileges"
In reply to: Alan Cox: "Re: [RFC][PATCH v3] Unprivileged: Disable raising of privileges"
Next in thread: Peter Dolding: "Re: [RFC][PATCH v3] Unprivileged: Disable raising of privileges"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Alan Cox wrote:
>Removing specific features from a specific piece of code
>generally isn't a security feature -

You lost me there. The ability of a specific piece of code to voluntarily
relinquish privileges can be a big benefit to security. It enables
privilege-separated software architectures, which are a powerful way to
reduce risk. That's the motivation for the disablenetwork proposal that
has stimulated all this discussion. I hope this is obvious? Does it
need elaboration?
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Rafael J. Wysocki: "Re: [origin tree build failure] Re: [git pull] PCI fixes"
Previous message: Serge E. Hallyn: "Re: [RFC][PATCH v3] Unprivileged: Disable raising of privileges"
In reply to: Alan Cox: "Re: [RFC][PATCH v3] Unprivileged: Disable raising of privileges"
Next in thread: Peter Dolding: "Re: [RFC][PATCH v3] Unprivileged: Disable raising of privileges"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]