Re: 2001_05_09 patch against 2.4.4

From: David Wagner (dawat_private)
Date: Thu May 17 2001 - 00:04:43 PDT


    Chris Evans wrote:
    >On Tue, 15 May 2001 jmjonesat_private wrote:
    >
    >> > Can you still think of a case where read/write hooking is necessary?
    >>
    >> Suppose there's a crack that replaces the task's code at some point after
    >> the file is opened?  Subsequently, a sensitive file (e.g. /etc/passwd) may
    >> be compromised during a read or write from what apparently is a valid
    >
    >A very good point.
    
    A good point, but it seems to be irrelevant to the question of whether
    to allow modules to interpose on read()/write() calls.  The functionality
    jmjones wants is easily accomplished by checking open() calls, if I am not
    mistaken.
    
    >The netscape process should be started with security restrictions in place
    >- i.e. it should not get the chance to open anything remotely "sensitive"
    >(read /etc/passwd, write the user's .rhosts etc). It should only get
    >access to its cache files, config files etc.[1]
    
    See the Janus project.  We've done this for Netscape, as well as for
    many other applications.
    
    _______________________________________________
    linux-security-module mailing list
    linux-security-moduleat_private
    http://mail.wirex.com/mailman/listinfo/linux-security-module
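The argument above is that mediating open() is enough: the decision made when a descriptor is created binds what that descriptor can do afterwards, so a task whose code is replaced later cannot reach files it was never allowed to open. The following C program is an added illustration written for this archive; it is not code from the post, from Chris Evans, or from the Janus project. The policy table, path prefixes, scratch file name and helper names are all constructed for the demonstration.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* Constructed allow-list: a path prefix plus the access the sandboxed task may
 * request at open().  Anything not listed is denied.  A real mediator would
 * canonicalize the path (realpath, or match on the resolved dentry) before
 * comparing, so that "/tmp/../etc/passwd" cannot slip past a prefix test. */
enum { ACC_READ = 1, ACC_WRITE = 2 };
struct rule { const char *prefix; int allowed; };

static const struct rule policy[] = {
    { "/tmp/",       ACC_READ | ACC_WRITE },  /* cache / config area */
    { "/usr/share/", ACC_READ },              /* shared read-only data */
};

/* Translate open(2) flags into the access actually being requested. */
static int requested_access(int flags)
{
    switch (flags & O_ACCMODE) {
    case O_RDONLY: return ACC_READ;
    case O_WRONLY: return ACC_WRITE;
    case O_RDWR:   return ACC_READ | ACC_WRITE;
    default:       return ACC_READ | ACC_WRITE;  /* unknown mode: assume the worst */
    }
}

/* Open-time decision: returns 1 to allow, 0 to deny. */
int policy_allows(const char *path, int flags)
{
    int want = requested_access(flags);
    for (size_t i = 0; i < sizeof policy / sizeof policy[0]; i++) {
        size_t n = strlen(policy[i].prefix);
        if (strncmp(path, policy[i].prefix, n) == 0)
            return (want & ~policy[i].allowed) == 0;
    }
    return 0;
}

/* The single mediation point: open() is the only call the policy inspects.
 * On denial it returns -1 with errno set to EACCES, like the kernel would. */
int mediated_open(const char *path, int flags, mode_t mode)
{
    if (!policy_allows(path, flags)) {
        errno = EACCES;
        return -1;
    }
    return open(path, flags, mode);
}

/* Why no per-read()/write() hook is needed for the scenario in the thread: a
 * descriptor opened read-only stays read-only, so code that later turns hostile
 * cannot write through it; the kernel rejects the write with EBADF.  Returns 1
 * if that rejection was observed, 0 otherwise, -1 if the scratch file could
 * not be created. */
int readonly_fd_rejects_write(void)
{
    char tmpl[] = "/tmp/lsm-open-demo-XXXXXX";   /* constructed scratch file */
    int fd = mkstemp(tmpl);
    if (fd < 0) return -1;
    close(fd);

    int result = 0;
    fd = mediated_open(tmpl, O_RDONLY, 0);
    if (fd >= 0) {
        ssize_t n = write(fd, "x", 1);
        result = (n < 0 && errno == EBADF) ? 1 : 0;
        close(fd);
    }
    unlink(tmpl);
    return result;
}

int main(void)
{
    printf("open /etc/passwd read-only: %s\n",
           policy_allows("/etc/passwd", O_RDONLY) ? "allowed" : "denied");
    printf("open /tmp/cache.db read-write: %s\n",
           policy_allows("/tmp/cache.db", O_RDWR) ? "allowed" : "denied");
    printf("write through read-only fd rejected with EBADF: %d\n",
           readonly_fd_rejects_write());
    return 0;
}
```

The point of the last function is the one the post makes: once the open-time check has fixed the descriptor's mode, later reads and writes need no further policy consultation to stay within it. What open-time mediation cannot do is revoke access already granted; a hostile replacement of the task's code still holds every descriptor the legitimate code opened, which is exactly why the sandbox must refuse sensitive opens in the first place.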
    This archive was generated by hypermail 2b30 : Thu May 17 2001 - 00:07:36 PDT