|
|
|
Re: [PATCH v17 01/15] Add PR_{GET,SET}_NO_NEW_PRIVS to prevent execve from granting privs | |
| [Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] | |
On Thu, 29 Mar 2012 15:01:46 -0500 Will Drewry <wad@xxxxxxxxxxxx> wrote: > From: Andy Lutomirski <luto@xxxxxxxxxxxxxx> > > With this set, a lot of dangerous operations (chroot, unshare, etc) > become a lot less dangerous because there is no possibility of > subverting privileged binaries. > > This patch completely breaks apparmor. Someone who understands (and > uses) apparmor should fix it or at least give me a hint. So [patch 2/15] fixes all this up? I guess we should join the two patches into one, to avoid a silly breakage window. That means that John loses a brownie point, but we can mention him in the changelog, include his signed-off-by: > Signed-off-by: Andy Lutomirski <luto@xxxxxxxxxxxxxx> Several of these patches are missing your signed-off-by:. They should all have your SOB, because you sent them. Documentation/SubmittingPatches explains this. I'm trying to find a way to merge all this code without reviewing it ;) Alas, this is against my rules. Given the length of time for which this patchset has been floating around, I'm a little surprised by the lack of acked-by's and reviewed-by's. Have you been gathering them all up? Are the networking guys all happy about this patchset? -- To unsubscribe from this list: send the line "unsubscribe linux-doc" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
[Site Home] [Kernel Newbies] [Share Photos] [Security] [Netfilter] [Bugtraq] [Linux FS] [Photo] [Yosemite] [Yosemite News] [MIPS Linux] [ARM Linux] [Linux Security] [Linux RAID] [Samba] [Video 4 Linux] [Device Mapper] [Linux Resources]
|