On Fri, Aug 11, 2017 at 12:33 PM, Tyler Hicks <tyhicks@xxxxxxxxxxxxx> wrote: > On 08/11/2017 02:17 PM, Kees Cook wrote: >> One thought here: should "kill" be always forced on during a write? >> This flag effectively cannot be disabled, so listing it (or not) in >> the sysctl may be confusing... > > "kill" can be silenced in the current implementation. Lets hammer out > whether or not that's the right thing to do and then we can discuss the > sysctl behavior on write. I don't personally have any concerns about an > admin being able to silence RET_KILL logs but let me know if you are > against it. Oh right, this is fine. Yeah, as long as the default is to log it (which it is) I'm fine. Thanks! -Kees -- Kees Cook Pixel Security -- To unsubscribe from this list: send the line "unsubscribe linux-api" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
