Re: Low Latency Patch

From: Khimenko Victor (khim@sch57.msk.ru)
Date: Sun Jul 02 2000 - 08:18:19 EST


In <Pine.SUN.3.96.1000702053820.260f-100000@invisible.eskimo.com> Robert Dinse (nanook@eskimo.com) wrote:
RD> On 2 Jul 2000, Yoann Vandoorselaere wrote:
>>
>> Non executable stack doesn't help preventing stack overflow,
>> that was said a thousand times.

RD> It's said erroneously, because you go from a problem of having to guess
RD> within a page to having to be exact.

RD> But again, the Solar Design patch does a lot more than just provide for
RD> a non-executable stack.

>> please stop being an asshole.

RD> Please stop being an asshole yourself when you are obviously unfamiliar
RD> with all the things the patch does. And just because something happens to be
RD> your opinion doesn't make it right. Even the non-executable user stack area
RD> does have value.

RD> The patch also provides restrictions on links in a +t directory; it also
RD> prevents users from making hard links to files they don't own. This breaks a
RD> number of race exploits, like the old passwd race, among other things.

RD> There are some restrictions on writes to FIFOs in +t directories unless
RD> the FIFO is owned by the user or the FIFO is opened without the O_CREAT flag.

RD> There is the ability to restrict access to proc, for applications where
RD> you do not want one user watching another, ps only shows a user's own
RD> processes, etc.

RD> There is an option to destroy shared memory segments when not in use.

RD> There is a provision for privileged IP aliases. Not real useful for what
RD> I'm doing but for someone that runs everything on one box it could have some
RD> real utility.

In short: mostly the patch is a bunch of band-aids over band-aids. Go read what
Linus thinks about band-aids and SHUT UP!

P.S. Yes, there exist a few interesting points. But mostly it's a MESS. Worse
than the low-latency patch. And when you think about it: if the authors of the
patch do not want to clean up that mess (and throw out stupid things like
non-exec stack altogether), then why should Linus care?
