Re: Hooks and stacking

From: John Richard Moser (nigelenki@private)
Date: Thu Mar 31 2005 - 09:55:58 PST





Stephen Smalley wrote:
> On Thu, 2005-03-31 at 11:17 -0500, John Richard Moser wrote:
> 
>>That *blocks* illegal states; but it's been proven in PaX that sometimes
>>the program(mer) didn't exactly think, and just 'OH PROT_* WILL ALWAYS
>>WERK :D :D :D' and commonly we know better.  Why break 80% of the world
>>when you can break 0.001% of the world and still gain a higher level of
>>security?
>>
>>For example, I think all libraries are typically mapped RwX. . . wanna
>>break ld.so?
> 
> 
> I really don't follow what you are saying.  Are you saying that the
> SELinux controls on mmap/mprotect to prevent bad states are breaking 80%
> of the world?  Not AFAICS.

Nope, but I'd guess they would.  I don't really know :)

Are they?

> 
> 
>>Reiser + SeLinux == infinite loop == freeze; Method said it had
>>something to do with xattrs being created as files, which SeLinux
>>suddenly wants to label, which creates more files for xattrs, which
>>SeLinux suddenly wants to label. . . . . . . . . *RESET*
> 
> 
> That's been fixed upstream.  As of 2.6.12-rc1 or later.
> 

--
All content of all messages exchanged herein are left in the
Public Domain, unless otherwise explicitly stated.

    Creative brains are a valuable, limited resource. They shouldn't be
    wasted on re-inventing the wheel when there are so many fascinating
    new problems waiting out there.
                                                 -- Eric Steven Raymond



This archive was generated by hypermail 2.1.3 : Thu Mar 31 2005 - 09:56:52 PST