Re: [PATCH 1/1] dm: add message command to disallow device open

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Subject: Re: [PATCH 1/1] dm: add message command to disallow device open
From: Daniil Lunev <dlunev@xxxxxxxxxxxx>
Date: Thu, 4 Aug 2022 09:38:36 +1000
Cc: Brian Geffon <bgeffon@xxxxxxxxxx>, Mike Snitzer <snitzer@xxxxxxxxxx>, linux-kernel@xxxxxxxxxxxxxxx, Zdenek Kabelac <zdenek.kabelac@xxxxxxxxx>, dm-devel@xxxxxxxxxx, Mikulas Patocka <mpatocka@xxxxxxxxxx>, Alasdair Kergon <agk@xxxxxxxxxx>
In-reply-to: <YurtfvdeYh0kLd+8@gmail.com>
References: <YtB45Lte5UhlEE6y@redhat.com> <CAONX=-dEG121RQ6L-4fPMXrLXb3JeYNVNiPzHXNaRLbwRzb3bw@mail.gmail.com> <alpine.LRH.2.02.2207150528170.5197@file01.intranet.prod.int.rdu2.redhat.com> <cca5b463-a860-de8d-b7e4-a8d30aef2ff2@gmail.com> <CAONX=-fJHgfGkwR5A1MT+8FHckueehOsUS_LyHkjrgp4Y+vOgw@mail.gmail.com> <CAONX=-ft=ewFDui4jmd2fvcNr2EJc90=ZNOueDdp6HaPZmvObQ@mail.gmail.com> <Yun4LH+StcuBXRtO@sol.localdomain> <CAONX=-esLr5bGUks_a8wQBky37NnCawh2eOMemYg32HcPA7pmA@mail.gmail.com> <Yuq9jhxb+WgO55KJ@gmail.com> <CAONX=-dCrJabyvt2S24kEJi38Pbuzj_4kvugoF_75PWV69bNJw@mail.gmail.com> <YurtfvdeYh0kLd+8@gmail.com>

> I thought you were trying to defend against path traversal attacks, not
> arbitrary code execution?  If your threat model includes arbitrary code
> execution by root, you really need to be using SELinux.
Hm, this is actually a very good point which we somehow missed, hm.
Thanks for pointing that out, let me think on that

--
dm-devel mailing list
dm-devel@xxxxxxxxxx
https://listman.redhat.com/mailman/listinfo/dm-devel

References:
- Re: [PATCH 1/1] dm: add message command to disallow device open
  - From: Mike Snitzer
- Re: [PATCH 1/1] dm: add message command to disallow device open
  - From: Daniil Lunev
- Re: [PATCH 1/1] dm: add message command to disallow device open
  - From: Mikulas Patocka
- Re: [PATCH 1/1] dm: add message command to disallow device open
  - From: Zdenek Kabelac
- Re: [PATCH 1/1] dm: add message command to disallow device open
  - From: Daniil Lunev
- Re: [PATCH 1/1] dm: add message command to disallow device open
  - From: Daniil Lunev
- Re: [PATCH 1/1] dm: add message command to disallow device open
  - From: Eric Biggers
- Re: [PATCH 1/1] dm: add message command to disallow device open
  - From: Daniil Lunev
- Re: [PATCH 1/1] dm: add message command to disallow device open
  - From: Eric Biggers
- Re: [PATCH 1/1] dm: add message command to disallow device open
  - From: Daniil Lunev
- Re: [PATCH 1/1] dm: add message command to disallow device open
  - From: Eric Biggers

Prev by Date: Re: [PATCH 1/1] dm: add message command to disallow device open
Next by Date: Re: [PATCH v9 05/13] nvme: zns: Allow ZNS drives that have non-power_of_2 zone size
Previous by thread: Re: [PATCH 1/1] dm: add message command to disallow device open
Next by thread: [PATCH 0/4] Introduce bitmap_size()
Index(es):
- Date
- Thread

[Index of Archives] [DM Crypt] [Fedora Desktop] [ATA RAID] [Fedora Marketing] [Fedora Packaging] [Fedora SELinux] [Yosemite Discussion] [KDE Users] [Fedora Docs]