|
|
| [Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] |
On Fri, 13 Apr 2012, Paul Moore wrote: > the seccomp filter into the kernel. By default libseccomp attempts to set > NO_NEW_PRIVS but does not fail if prctl(NO_NEW_PRIVS) returns with an error; Isn't that dangerous in non-obvious ways, as in it can actually cause/activate/enable/open security issues on priviledged processes that don't expect whatever filtering seccomp will subject them to? Maybe it would be best if libseccomp were to (by default) bomb out with an error if prctl(NO_NEW_PRIVS) fails? Defaults are important, as they're what people _who don't know any better_ are likely to use. -- "One disk to rule them all, One disk to find them. One disk to bring them all and in the darkness grind them. In the Land of Redmond where the shadows lie." -- The Silicon Valley Tarot Henrique Holschuh -- To unsubscribe from this list: send the line "unsubscribe linux-security-module" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
[Fedora Maintainers] [Fedora Desktop] [Fedora SELinux] [Yosemite News] [Yosemite Photos] [KDE Users] [Fedora Tools]
