Re: seccomp for 2.6.11-rc1-bk8

From: Andrea Arcangeli
Date: Sat Jan 22 2005 - 19:53:16 EST

Next message: Con Kolivas: "Re: [PATCH]sched: Isochronous class v2 for unprivileged soft rt scheduling"
Previous message: Andrea Arcangeli: "Re: seccomp for 2.6.11-rc1-bk8"
In reply to: Rik van Riel: "Re: seccomp for 2.6.11-rc1-bk8"
Next in thread: Valdis . Kletnieks: "Re: seccomp for 2.6.11-rc1-bk8"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sat, Jan 22, 2005 at 07:43:26PM -0500, Rik van Riel wrote:
> On Sun, 23 Jan 2005, Andrea Arcangeli wrote:
>
> >I'm doing something that requires the maximum level of
> >security ever,
>
> You're kidding, right ?

Why should I be kidding? The client code I'm doing, has to be at least as secure
as ssh and the firewall code, what else has to be more secure than that?
Nor ssh nor the firewall code depends on ptrace for their security. The
nice thing is that I can embed all the security in the kernel with
seccomp, and I'd be a fool not trying it to get it merged and to
complicate my life with ptrace.

Once seccomp is in, I believe there's a chance that security people uses
it for more than Cpushare while I don't think there's a chance you'll
see security people using ptrace_syscall hardcoding the syscall numbers
in every userland app out there that may have to parse untrusted data
with potentially buggy bytecode (i.e. decompression bytecode etc..).
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Con Kolivas: "Re: [PATCH]sched: Isochronous class v2 for unprivileged soft rt scheduling"
Previous message: Andrea Arcangeli: "Re: seccomp for 2.6.11-rc1-bk8"
In reply to: Rik van Riel: "Re: seccomp for 2.6.11-rc1-bk8"
Next in thread: Valdis . Kletnieks: "Re: seccomp for 2.6.11-rc1-bk8"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]