Re: [PATCH v2] security: Yama LSM

From: Alan Cox
Date: Wed Jun 23 2010 - 11:54:58 EST

Next message: James Simmons: "Re: [PATCH] vt/console: try harder to print output when panicing"
Previous message: Avi Kivity: "Re: [PATCH for-2.6.35] virtio-pci: disable msi at startup"
In reply to: Andi Kleen: "Re: [PATCH v2] security: Yama LSM"
Next in thread: Andi Kleen: "Re: [PATCH v2] security: Yama LSM"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> > I actually think this is a flaw in get_task_comm. (Though actually it's
> > the fault of terminals if they process dangerous escape sequences. Worst
> > case tends to just be confusing output, but that's not important --
> > nothing should spew non-printables regardless.) Would a patch to
> > get_task_comm be accepted to replace non-printables with "?" or something
> > when filling the buffer?
>
> Probably makes sense, although you might annoy someone who wants Kanji
> process names in UTF-8 or similar.

The task name is irrelevant, user controlled information. It's not
really ideal for use in security logging.

Alan

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: James Simmons: "Re: [PATCH] vt/console: try harder to print output when panicing"
Previous message: Avi Kivity: "Re: [PATCH for-2.6.35] virtio-pci: disable msi at startup"
In reply to: Andi Kleen: "Re: [PATCH v2] security: Yama LSM"
Next in thread: Andi Kleen: "Re: [PATCH v2] security: Yama LSM"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]