Re: [PATCH 25/27] Lock down /proc/kcore

From: David Howells
Date: Mon Oct 23 2017 - 10:57:05 EST

Next message: Lothar WaÃmann: "[PATCH] ARM: dts: imx53-tx53: fix interrupt flags"
Previous message: kbuild test robot: "Re: [PATCH] ext4: Log inode exhaustion to dmesg"
In reply to: James Morris: "Re: [PATCH 25/27] Lock down /proc/kcore"
Next in thread: David Howells: "[PATCH 26/27] efi: Add an EFI_SECURE_BOOT flag to indicate secure boot mode"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

James Morris <james.l.morris@xxxxxxxxxx> wrote:

> I have to wonder, though, after everything is locked down, how easy will
> it be for new things to slip in which need to be included in the lockdown,
> but are not.

That's always a possibility, and short of reviewing every change, particularly
in the drivers, I'm not sure how to prevent it.

David

Next message: Lothar WaÃmann: "[PATCH] ARM: dts: imx53-tx53: fix interrupt flags"
Previous message: kbuild test robot: "Re: [PATCH] ext4: Log inode exhaustion to dmesg"
In reply to: James Morris: "Re: [PATCH 25/27] Lock down /proc/kcore"
Next in thread: David Howells: "[PATCH 26/27] efi: Add an EFI_SECURE_BOOT flag to indicate secure boot mode"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]