Re: [PATCH 3/5] v2 seccomp_filters: Enable ftrace-based system call filtering

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: Ingo Molnar <mingo@xxxxxxx>
Subject: Re: [PATCH 3/5] v2 seccomp_filters: Enable ftrace-based system call filtering
From: James Morris <jmorris@xxxxxxxxx>
Date: Tue, 17 May 2011 12:24:34 +1000 (EST)
Cc: Will Drewry <wad@xxxxxxxxxxxx>, linux-kernel@xxxxxxxxxxxxxxx, Steven Rostedt <rostedt@xxxxxxxxxxx>, Frederic Weisbecker <fweisbec@xxxxxxxxx>, Eric Paris <eparis@xxxxxxxxxx>, kees.cook@xxxxxxxxxxxxx, agl@xxxxxxxxxxxx, Peter Zijlstra <a.p.zijlstra@xxxxxxxxx>, "Serge E. Hallyn" <serge@xxxxxxxxxx>, Ingo Molnar <mingo@xxxxxxxxxx>, Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>, Tejun Heo <tj@xxxxxxxxxx>, Michal Marek <mmarek@xxxxxxx>, Oleg Nesterov <oleg@xxxxxxxxxx>, Jiri Slaby <jslaby@xxxxxxx>, Russell King <linux@xxxxxxxxxxxxxxxx>, Michal Simek <monstr@xxxxxxxxx>, Ralf Baechle <ralf@xxxxxxxxxxxxxx>, Benjamin Herrenschmidt <benh@xxxxxxxxxxxxxxxxxxx>, Paul Mackerras <paulus@xxxxxxxxx>, Martin Schwidefsky <schwidefsky@xxxxxxxxxx>, Heiko Carstens <heiko.carstens@xxxxxxxxxx>, linux390@xxxxxxxxxx, Paul Mundt <lethal@xxxxxxxxxxxx>, "David S. Miller" <davem@xxxxxxxxxxxxx>, Thomas Gleixner <tglx@xxxxxxxxxxxxx>, "H. Peter Anvin" <hpa@xxxxxxxxx>, x86@xxxxxxxxxx, Peter Zijlstra <peterz@xxxxxxxxxxxxx>, linux-arm-kernel@xxxxxxxxxxxxxxxxxxx, linux-mips@xxxxxxxxxxxxxx, linuxppc-dev@xxxxxxxxxxxxxxxx, linux-s390@xxxxxxxxxxxxxxx, linux-sh@xxxxxxxxxxxxxxx, sparclinux@xxxxxxxxxxxxxxx, Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
In-reply-to: <20110516150837.GA513@xxxxxxx>
User-agent: Alpine 2.00 (LRH 1167 2008-08-23)

On Mon, 16 May 2011, Ingo Molnar wrote:

> > Not really.
> > 
> > Firstly, what is the security goal of these restrictions? [...]
> 
> To do what i described above? Namely:
> 
>  " Sandboxed code should only be allowed to open files in /home/sandbox/, /lib/
>    and /usr/lib/ "

These are access rules, they don't really describe a high-level security 
goal.  How do you know it's ok to open everything in these directories?

- James
-- 
James Morris
<jmorris@xxxxxxxxx>

Follow-Ups:
- Re: [PATCH 3/5] v2 seccomp_filters: Enable ftrace-based system call filtering
  - From: Ingo Molnar

References:
- [PATCH 3/5] v2 seccomp_filters: Enable ftrace-based system call filtering
  - From: Will Drewry
- Re: [PATCH 3/5] v2 seccomp_filters: Enable ftrace-based system call filtering
  - From: Ingo Molnar
- Re: [PATCH 3/5] v2 seccomp_filters: Enable ftrace-based system call filtering
  - From: James Morris
- Re: [PATCH 3/5] v2 seccomp_filters: Enable ftrace-based system call filtering
  - From: Ingo Molnar
- Re: [PATCH 3/5] v2 seccomp_filters: Enable ftrace-based system call filtering
  - From: James Morris
- Re: [PATCH 3/5] v2 seccomp_filters: Enable ftrace-based system call filtering
  - From: Ingo Molnar
- Re: [PATCH 3/5] v2 seccomp_filters: Enable ftrace-based system call filtering
  - From: James Morris
- Re: [PATCH 3/5] v2 seccomp_filters: Enable ftrace-based system call filtering
  - From: Ingo Molnar

Prev by Date: Re: patch to support topdown mmap allocation in MIPS
Next by Date: Re: patch to support topdown mmap allocation in MIPS
Previous by thread: Re: [PATCH 3/5] v2 seccomp_filters: Enable ftrace-based system call filtering
Next by thread: Re: [PATCH 3/5] v2 seccomp_filters: Enable ftrace-based system call filtering
Index(es):
- Date
- Thread

[Index of Archives] [Linux MIPS Home] [LKML Archive] [Linux ARM Kernel] [Linux ARM] [Linux] [Git] [Yosemite News] [Linux SCSI] [Linux Hams]