Re: [RFC,PATCH 1/2] seccomp_filters: system call filtering using BPF

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: Will Drewry <wad@xxxxxxxxxxxx>
Subject: Re: [RFC,PATCH 1/2] seccomp_filters: system call filtering using BPF
From: Alan Cox <alan@xxxxxxxxxxxxxxxxxxx>
Date: Thu, 12 Jan 2012 17:11:45 +0000
Cc: linux-kernel@xxxxxxxxxxxxxxx, keescook@xxxxxxxxxxxx, john.johansen@xxxxxxxxxxxxx, serge.hallyn@xxxxxxxxxxxxx, coreyb@xxxxxxxxxxxxxxxxxx, pmoore@xxxxxxxxxx, eparis@xxxxxxxxxx, djm@xxxxxxxxxxx, torvalds@xxxxxxxxxxxxxxxxxxxx, segoon@xxxxxxxxxxxx, rostedt@xxxxxxxxxxx, jmorris@xxxxxxxxx, scarybeasts@xxxxxxxxx, avi@xxxxxxxxxx, penberg@xxxxxxxxxxxxxx, viro@xxxxxxxxxxxxxxxxxx, luto@xxxxxxx, mingo@xxxxxxx, akpm@xxxxxxxxxxxxxxxxxxxx, khilman@xxxxxx, borislav.petkov@xxxxxxx, amwang@xxxxxxxxxx, oleg@xxxxxxxxxx, ak@xxxxxxxxxxxxxxx, eric.dumazet@xxxxxxxxx, gregkh@xxxxxxx, dhowells@xxxxxxxxxx, daniel.lezcano@xxxxxxx, linux-fsdevel@xxxxxxxxxxxxxxx, linux-security-module@xxxxxxxxxxxxxxx, olofj@xxxxxxxxxxxx, mhalcrow@xxxxxxxxxx, dlaor@xxxxxxxxxx
In-reply-to: <CABqD9hbEzcEF3KbG4=yA2haUUaXB8rMH9JbO+ZkZHU08Nt3ydQ@mail.gmail.com>

> more about).  Since setuid is privilege escalation, then perhaps it
> makes sense to allow it as an escape hatch.
> 
> Would it be sane to just disallow setuid exec exclusively?

I think that is a policy question. I can imagine cases where either
behaviour is the "right" one so it may need to be a parameter ?

Alan
--
To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Follow-Ups:
- Re: [RFC,PATCH 1/2] seccomp_filters: system call filtering using BPF
  - From: Will Drewry

References:
- [RFC,PATCH 0/2] dynamic seccomp policies (using BPF filters)
  - From: Will Drewry
- [RFC,PATCH 1/2] seccomp_filters: system call filtering using BPF
  - From: Will Drewry
- Re: [RFC,PATCH 1/2] seccomp_filters: system call filtering using BPF
  - From: Alan Cox
- Re: [RFC,PATCH 1/2] seccomp_filters: system call filtering using BPF
  - From: Will Drewry

Prev by Date: Re: [RFC,PATCH 1/2] seccomp_filters: system call filtering using BPF
Next by Date: Re: [RFC,PATCH 1/2] seccomp_filters: system call filtering using BPF
Previous by thread: Re: [RFC,PATCH 1/2] seccomp_filters: system call filtering using BPF
Next by thread: Re: [RFC,PATCH 1/2] seccomp_filters: system call filtering using BPF
Index(es):
- Date
- Thread

[Index of Archives] [Linux Ext4 Filesystem] [Union Filesystem] [Filesystem Testing] [Ceph Users] [Ecryptfs] [AutoFS] [Kernel Newbies] [Share Photos] [Security] [Netfilter] [Bugtraq] [Yosemite News] [MIPS Linux] [ARM Linux] [Linux Security] [Linux Cachefs] [Reiser Filesystem] [Linux RAID] [Samba] [Device Mapper] [CEPH Development]