Re: Openwall RLIMITS_NPROC patch as an LSM

• Previous message: Chris Wright: "Re: Proposed documentation patch to security.h"
• In reply to: Emily Ratliff: "Re: Openwall RLIMITS_NPROC patch as an LSM"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

* Emily Ratliff (ratliffat_private) wrote:
> 
> He did express concern that the code is comparing the uid against 0 in
> several places and that it uses superuser privieges without raising
> PF_SUPERPRIV.

just thought i'd mention that this isn't a real problem.  the
netlink_send check is basically a hack.  i'll propose an alternative
shortly.  the other check is done in the capable hook, which if succeeds
does set PF_SUPERPRIV.

-chris

_______________________________________________
linux-security-module mailing list
linux-security-moduleat_private
http://mail.wirex.com/mailman/listinfo/linux-security-module

• Next message: Chris Wright: "netlink_send for dummy.c"
• Previous message: Chris Wright: "Re: Proposed documentation patch to security.h"
• In reply to: Emily Ratliff: "Re: Openwall RLIMITS_NPROC patch as an LSM"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Wed Oct 31 2001 - 17:26:20 PST