Re: 2.6.6-mm2

[Chris Wright]

* Andy Lutomirski (luto@xxxxxxxxxxxxx) wrote:
> Chris Wright wrote:
> > What about something that's just simple and generic?  This is similar to
> > Andrea's disable_cap_mlock patch and the disabling capabilities patch
> > that wli produced back in that thread.  It would remove the hack, and
> > buy us some time to find better solutions.  Downside of course (as all
> > of these have) is reduced security value.
> 
> I actually like the magic group better.  This one means that _anyone_
> can DoS the system.  Why not just give Oracle its own LSM if this is
> what you want to do (that way the nastiness is completely isolated)?

Magic group has better safety property, but it evolved from
disable_cap_mlock which for CAP_IPC_LOCK has the identical property to
this patch.  Agreed it's safer w/out, but the magic group is so special
purpose that it feels like a hack.  This patch is more contained and
IMO is just a hold over until we have something that really works.

> <shameless_plug> My patch (posted a couple hours ago) solves this one
> cleanly </shameless_plug>

I'll comment on that separately ;-)

thanks,
-chris
-- 
Linux Security Modules     http://lsm.immunix.org     http://lsm.bkbits.net
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/