* frm gregat_private "09/11/01 13:14:04 -0700" | sed '1,$s/^/* /' * * On Tue, Sep 11, 2001 at 09:38:05AM -0700, richard offer wrote: *> *> How does this work ? It back-tracks from Stephens separation of function *> from access control, but it implements an identical code path to pre-LSM. * * I don't know, how does this work? * Have you tried it out against the different ptrace sploits out there? The only exploit I could find for 2.4 was fixed by Alan Cox in 2.4.1-ac19, so the code as I posted this morning works as expected. ie PTRACE_ATTACH: operation not permitted. If you've got any other exploits that you think should be tested, if you can send me a pointer to the code I'll try them out. * It looks better, but I still don't like the authorative hooks :) :-) * * greg k-h * richard. ----------------------------------------------------------------------- Richard Offer Technical Lead, Trust Technology, SGI "Specialization is for insects" _______________________________________________________________________ _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Tue Sep 11 2001 - 16:02:45 PDT