Re: A new model for ports and kernel security?

From: Hans Reiser
Date: Mon Oct 06 2003 - 03:07:41 EST

Next message: Mike Fedyk: "71MB compressed for COMPILED(!!!) 2.6.0-test6"
Previous message: Andre Hedrick: "Re: SiI3112 DMA? (2.6.0-test6)"
In reply to: John Lange: "Re: A new model for ports and kernel security?"
Next in thread: Valdis . Kletnieks: "Re: A new model for ports and kernel security?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Jesse Pollard wrote:

On Wednesday 01 October 2003 20:45, John Lange wrote:

A few people suggested various patches which implement a similar
functionality to what I was suggesting and I thank them for that.

I think this clearly demonstrates that there is a demand for such a
feature.

Not really - that is why they have been external for several years.

I would hope that it is more because the grsecurity documentation suggests it is still a work in progress. Perhaps its author might consider dividing his work up into smaller patches for Linus to consider.

The original poster was right that restricting ports below 1024 is an unclean hack, and a poor substitute for a better permissions model. Unfortunately it is an unclean hack in an area where it is difficult for society to achieve the decision needed for change.

--
Hans

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Mike Fedyk: "71MB compressed for COMPILED(!!!) 2.6.0-test6"
Previous message: Andre Hedrick: "Re: SiI3112 DMA? (2.6.0-test6)"
In reply to: John Lange: "Re: A new model for ports and kernel security?"
Next in thread: Valdis . Kletnieks: "Re: A new model for ports and kernel security?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]