On Sep 18, 2016 5:05 AM, "Jann Horn" <jann@xxxxxxxxx> wrote: > > This ensures that VFS implementations don't call ptrace_may_access() from > VFS read or write handlers. In order for file descriptor passing to have > its intended security properties, VFS read/write handlers must not do any > kind of privilege checking. > Ooh, nifty! Can you warn about capable() too? Warning about all access to current->cred could be fun. I expect we have zillions of these bugs. Think keys, netlink, proc, etc. -- To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
