Re: [PATCH] LSM: add static to security_ops variable

From: Alexey Dobriyan
Date: Fri Feb 19 2010 - 07:02:32 EST

Next message: Alan Cox: "Re: [PATCH] Add a new VT mode which is like VT_PROCESS but doesn'trequire a VT_RELDISP ioctl call"
Previous message: Ari G. Entlich: "Re: [PATCH] Add a new VT mode which is like VT_PROCESS but doesn'trequire a VT_RELDISP ioctl call"
In reply to: wzt wzt: "Re: [PATCH] LSM: add static to security_ops variable"
Next in thread: wzt wzt: "Re: [PATCH] LSM: add static to security_ops variable"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, Feb 19, 2010 at 1:57 PM, wzt wzt <wzt.wzt@xxxxxxxxx> wrote:
> Maybe, but The attackers will use a complicated way to find the
> security_ops address, it's a barrier to attackers.

It's not a barrier, it's garbage. Once you know the adress security_ops
ended up at, you simply write to it.

> LSM is security framework, we don't want the attackers can easily
> to break it.

LSM doesn't protect kernel from kernel.

> Just like the sys_call_table variable in kernel 2.4.x(global and
> writeable), evil drivers can extern the variable, then replace the
> Sys_X functions.

Not that easily, but they still can.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Alan Cox: "Re: [PATCH] Add a new VT mode which is like VT_PROCESS but doesn'trequire a VT_RELDISP ioctl call"
Previous message: Ari G. Entlich: "Re: [PATCH] Add a new VT mode which is like VT_PROCESS but doesn'trequire a VT_RELDISP ioctl call"
In reply to: wzt wzt: "Re: [PATCH] LSM: add static to security_ops variable"
Next in thread: wzt wzt: "Re: [PATCH] LSM: add static to security_ops variable"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]