On Wed, Jun 26, 2019 at 9:45 AM Florian Weimer <fweimer@xxxxxxxxxx> wrote:
>
> * Andy Lutomirski:
>
> > Can’t an ELF note be done with some more or less ordinary asm such
> > that any link editor will insert it correctly?
>
> We've just been over this for the CET enablement. ELF PT_NOTE parsing
> was rejected there.

No one told me this. Unless I missed something, the latest kernel patches still had PT_NOTE parsing. Can you point me at an enlightening thread or explain what happened?

> > The problem with a personality flag is that it needs to have some kind
> > of sensible behavior for setuid programs, and getting that right in a
> > way that doesn’t scream “exploit me” while preserving useful
> > compatibility may be tricky.
>
> Are restrictive personality flags still a problem with user namespaces?
> I think it would be fine to restrict this one to CAP_SYS_ADMIN.

We could possibly get away with this, but now we're introducing a whole new mechanism. I'd rather just add proper per-namespace sysctls, but this is a pretty big hammer.