Re: [security]: kernel ioctl()'s [3]

Chris Evans (chris@ferret.lmh.ox.ac.uk)
Fri, 2 Jul 1999 00:36:40 +0100 (GMT)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Jamie Lokier: "Re: [security]: kernel ioctl()'s [2]"
Previous message: Alan Cox: "Re: [security]: kernel ioctl()'s [3]"

On Thu, 1 Jul 1999, Alexander Viro wrote:

> On Fri, 2 Jul 1999, Chris Evans wrote:
>
> > IMHO, immutable support is fine as it is - as Alan has rightly said,
> > giving users the opportunity to set some variant of immutable on their
> > files, is dangerous.
>
> Why? user-immutable can be removed by user and by root. If the

Because programs running as root assume

open("blah", O_RDWR)
write(blah)

will work. They do NOT expect to have to

open("blah", O_RDWR)
if (-EPERM)
chflags("blah", immutable off)
open("blah", O_RDWR)

Chris

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: Jamie Lokier: "Re: [security]: kernel ioctl()'s [2]"
Previous message: Alan Cox: "Re: [security]: kernel ioctl()'s [3]"