Re: [PATCH v5 7/8] Documentation: Add documentation for the Brute LSM

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: John Wood <john.wood@xxxxxxx>
Subject: Re: [PATCH v5 7/8] Documentation: Add documentation for the Brute LSM
From: Andi Kleen <ak@xxxxxxxxxxxxxxx>
Date: Thu, 11 Mar 2021 12:05:17 -0800
Cc: Kees Cook <keescook@xxxxxxxxxxxx>, Jann Horn <jannh@xxxxxxxxxx>, Randy Dunlap <rdunlap@xxxxxxxxxxxxx>, Jonathan Corbet <corbet@xxxxxxx>, James Morris <jmorris@xxxxxxxxx>, Shuah Khan <shuah@xxxxxxxxxx>, "Serge E. Hallyn" <serge@xxxxxxxxxx>, Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>, linux-doc@xxxxxxxxxxxxxxx, linux-kernel@xxxxxxxxxxxxxxx, linux-security-module@xxxxxxxxxxxxxxx, linux-kselftest@xxxxxxxxxxxxxxx, kernel-hardening@xxxxxxxxxxxxxxxxxx
In-reply-to: <20210309184054.GA3058@ubuntu>
References: <20210227153013.6747-1-john.wood@gmx.com> <20210227153013.6747-8-john.wood@gmx.com> <878s78dnrm.fsf@linux.intel.com> <20210302183032.GA3049@ubuntu> <20210307151920.GR472138@tassilo.jf.intel.com> <20210307164520.GA16296@ubuntu> <20210307172540.GS472138@tassilo.jf.intel.com> <20210307180541.GA17108@ubuntu> <20210307224927.GT472138@tassilo.jf.intel.com> <20210309184054.GA3058@ubuntu>

<scenario that init will not be killed>

Thanks.

Okay but that means that the brute force attack can just continue
because the attacked daemon will be respawned?

You need some way to stop the respawning, otherwise the
mitigation doesn't work for daemons.


-Andi

Follow-Ups:
- Re: [PATCH v5 7/8] Documentation: Add documentation for the Brute LSM
  - From: John Wood

References:
- [PATCH v5 0/8] Fork brute force attack mitigation
  - From: John Wood
- [PATCH v5 7/8] Documentation: Add documentation for the Brute LSM
  - From: John Wood
- Re: [PATCH v5 7/8] Documentation: Add documentation for the Brute LSM
  - From: Andi Kleen
- Re: [PATCH v5 7/8] Documentation: Add documentation for the Brute LSM
  - From: John Wood
- Re: [PATCH v5 7/8] Documentation: Add documentation for the Brute LSM
  - From: Andi Kleen
- Re: [PATCH v5 7/8] Documentation: Add documentation for the Brute LSM
  - From: John Wood
- Re: [PATCH v5 7/8] Documentation: Add documentation for the Brute LSM
  - From: Andi Kleen
- Re: [PATCH v5 7/8] Documentation: Add documentation for the Brute LSM
  - From: John Wood
- Re: [PATCH v5 7/8] Documentation: Add documentation for the Brute LSM
  - From: Andi Kleen
- Re: [PATCH v5 7/8] Documentation: Add documentation for the Brute LSM
  - From: John Wood

Prev by Date: Re: [Patch v3 0/2] cgroup: New misc cgroup controller
Next by Date: Re: [PATCH v5 7/8] Documentation: Add documentation for the Brute LSM
Previous by thread: Re: [PATCH v5 7/8] Documentation: Add documentation for the Brute LSM
Next by thread: Re: [PATCH v5 7/8] Documentation: Add documentation for the Brute LSM
Index(es):
- Date
- Thread

[Index of Archives] [Kernel Newbies] [Security] [Netfilter] [Bugtraq] [Linux FS] [Yosemite Forum] [MIPS Linux] [ARM Linux] [Linux Security] [Linux RAID] [Samba] [Video 4 Linux] [Device Mapper] [Linux Resources]