Re: thoughts on kernel security issues

From: Christoph Hellwig
Date: Thu Jan 13 2005 - 03:25:29 EST

Next message: Florian Weimer: "Re: thoughts on kernel security issues"
Previous message: Daniel Egger: "Re: Cherokee Nation Posts Open Source Legisation - Invites comments from Community Members"
In reply to: Willy Tarreau: "Re: thoughts on kernel security issues"
Next in thread: Linus Torvalds: "Re: thoughts on kernel security issues"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Jan 12, 2005 at 08:48:57PM -0800, Linus Torvalds wrote:
> Without that capability set, you can only execute binaries that you cannot
> write to, and that you cannot _get_ write permission to (ie you can't be
> the owner of them either - possibly only binaries where the owner is
> root).

I think this is called "mount user-writeable filesystems with -noexec" ;-)

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Florian Weimer: "Re: thoughts on kernel security issues"
Previous message: Daniel Egger: "Re: Cherokee Nation Posts Open Source Legisation - Invites comments from Community Members"
In reply to: Willy Tarreau: "Re: thoughts on kernel security issues"
Next in thread: Linus Torvalds: "Re: thoughts on kernel security issues"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]