Re: [PATCH] security: Minor improvements to no_new_privs documentation

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 07/05/2012 06:43 PM, Kees Cook wrote:
> On Thu, Jul 5, 2012 at 11:23 AM, Andy Lutomirski <luto@xxxxxxxxxxxxxx> wrote:
>> The documentation didn't actually mention how to enable no_new_privs.
>> This also adds a note about possible interactions between
>> no_new_privs and LSMs (i.e. why teaching systemd to set no_new_privs
>> is not necessarily a good idea), and it references the new docs
>> from include/linux/prctl.h.
>>
>> Suggested-by: Rob Landley <rob@xxxxxxxxxxx>
>> Signed-off-by: Andy Lutomirski <luto@xxxxxxxxxxxxxx>
> 
> Acked-by: Kees Cook <keescook@xxxxxxxxxxxx>
> 
> Rob or James, do either of you have a high-priority tree for Linus? It
> would be great to get this into 3.5.

Nope. I've been feeding stuff through -trivial once per release. I need
to jump through a _lot_ more hoops to get my kernel.org account back.

(So far I've only gotten one kernel maintainer, Richard Kuo of Hexagon,
to sign my pgp key. And he doesn't count because he hasn't got a
kernel.org account. And I need to learn how kup prevents access to git,
figure out what replaces rsync for updating kernel.org/doc... it's on my
todo list. Just not very high up.)

Rob
-- 
GNU/Linux isn't: Linux=GPLv2, GNU=GPLv3+, they can't share code.
Either it's "mere aggregation", or a license violation.  Pick one.
--
To unsubscribe from this list: send the line "unsubscribe linux-doc" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html


[Index of Archives]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Linux FS]     [Yosemite Forum]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]     [Linux Resources]

  Powered by Linux