Re: Compat 32-bit syscall entry from 64-bit task!?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hello!

> The real fix is really to use a LSM for custom jails.  Trying to make 
> ptrace secure is trying to make a sieve wather tight by plugging the individual
> holes one by one. It's simply not suitable for this.

As long as the set of syscalls which are permitted is trivial,
it should be secure and much easier than writing a custom LSM.

Regardless, having working strace would be nice.

				Have a nice fortnight
-- 
Martin `MJ' Mares                          <mj@xxxxxx>   http://mj.ucw.cz/
Faculty of Math and Physics, Charles University, Prague, Czech Rep., Earth
"Never send to know for whom the bell tolls: it tolls for thee." -- John Donne
--
To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html


[Index of Archives]     [Linux Ext4 Filesystem]     [Union Filesystem]     [Filesystem Testing]     [Ceph Users]     [Ecryptfs]     [AutoFS]     [Kernel Newbies]     [Share Photos]     [Security]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux Cachefs]     [Reiser Filesystem]     [Linux RAID]     [Samba]     [Device Mapper]     [CEPH Development]
  Powered by Linux