Re: 2001_05_09 patch against 2.4.4

From: David Wagner (dawat_private)
Date: Thu May 17 2001 - 00:02:54 PDT

  • Next message: David Wagner: "Re: 2001_05_09 patch against 2.4.4"

    >Suppose there's a crack that replaces the task's code at some point after 
    >the file is opened?  Subsequently, a sensitive file (e.g. /etc/passwd) may
    >be compromised during a read or write from what apparently is a valid 
    >process.   The capabilities module MAY wish to restrict *certain kinds* 
    >of read/writes as being "suspicious".
    Huh??  It is the open("/etc/passwd", .) call that is suspicious,
    not the read()/write() call.  How are you going to decide which
    read()/write() calls are suspicious?  Frankly, I don't understand
    what you're driving at.  If there is a good reason to check read()
    and write() calls, this does not seem to be it.
    Anyway, we discussed this issue at length some time ago, and some
    other policy module writers said they needed the ability to check
    read() and write() calls.
    linux-security-module mailing list

    This archive was generated by hypermail 2b30 : Thu May 17 2001 - 00:05:27 PDT