Re: [PATCH] exec: Weaken dumpability for secureexec

From: Tom Horsley
Date: Wed Jan 03 2018 - 07:12:07 EST

Next message: Mark Brown: "Applied "ASoC: mediatek: fix error handling in mt2701_afe_pcm_dev_probe()" to the asoc tree"
Previous message: Rafael J. Wysocki: "Re: [v3 PATCH 2/3] powernv-cpufreq: Fix pstate_to_idx() to handle non-continguous pstates"
In reply to: Serge E. Hallyn: "Re: [PATCH] exec: Weaken dumpability for secureexec"
Next in thread: Kees Cook: "Re: [PATCH] exec: Weaken dumpability for secureexec"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, 3 Jan 2018 01:04:44 -0600
Serge E. Hallyn wrote:

> > This weakens dumpability back to checking only for uid/gid changes in
> > current (which is useless), but userspace depends on dumpability not
> > being tied to secureexec.
> >
> > https://bugzilla.redhat.com/show_bug.cgi?id=1528633
> >
> > Reported-by: Tom Horsley <horsley1953@xxxxxxxxx>
>
> Seems right, any chance we could get a tested-by: Tom? (Did we already
> get that?)

I didn't test it myself, but all I'd do is run the test program
I've attached to the bugzilla above which is trivial compared
to be learning how to patch and build kernels. So it would be
much simpler for someone with the kernel already built to
extract the tarball and type make :-).

Next message: Mark Brown: "Applied "ASoC: mediatek: fix error handling in mt2701_afe_pcm_dev_probe()" to the asoc tree"
Previous message: Rafael J. Wysocki: "Re: [v3 PATCH 2/3] powernv-cpufreq: Fix pstate_to_idx() to handle non-continguous pstates"
In reply to: Serge E. Hallyn: "Re: [PATCH] exec: Weaken dumpability for secureexec"
Next in thread: Kees Cook: "Re: [PATCH] exec: Weaken dumpability for secureexec"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]