Re: [PATCH] [RFC] Deter exploit bruteforcing

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Fri, 2 Jan 2015, Jiri Kosina wrote:

> > > You also want to protect against binaries that are evil on purpose,
> > > right?
> > 
> > Umm. No. Not by default. We don't want to break crashme or trinity by
> > default.
> 
> I thought trinity is issuing syscalls directly (would make more sense than 
> going through glibc, wouldn't it?) ... haven't checked the source though.

Okay, I checked, it is. Now I get your point. Seems like "too much pain 
for little gain" though. So it really should be optional, so that 
potentially exposed systems (such as hosting servers, where things like 
trinity are not expected to be run) could turn it on voluntarily.

-- 
Jiri Kosina
SUSE Labs
--
To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html



[Index of Archives]     [Linux Ext4 Filesystem]     [Union Filesystem]     [Filesystem Testing]     [Ceph Users]     [Ecryptfs]     [AutoFS]     [Kernel Newbies]     [Share Photos]     [Security]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux Cachefs]     [Reiser Filesystem]     [Linux RAID]     [Samba]     [Device Mapper]     [CEPH Development]
  Powered by Linux