Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Tue, 20 Sep 2011 08:47:37 +0300
From: Alexey Dobriyan <>
To: Linus Torvalds <>
Cc: Vasiliy Kulikov <>,
	Balbir Singh <>,
	Shailabh Nagar <>,,, Eric Paris <>,
	Stephen Wilson <>,
	KOSAKI Motohiro <>,
	David Rientjes <>,
	Andrew Morton <>,
	Balbir Singh <>,
Subject: Re: [Security] [PATCH 2/2] taskstats: restrict access to user

On Mon, Sep 19, 2011 at 10:45:20AM -0700, Linus Torvalds wrote:
> On Mon, Sep 19, 2011 at 10:39 AM, Vasiliy Kulikov <> wrote:
> >
> > Shouldn't it simply protect taskstats_user_cmd()?  You may still poll
> Yeah, I wondered where I'd really want to hook it in, that was the
> other option.
> However, one thing that I'm currently independently asking some
> networking people is whether that patch guarantees anything at all: is
> the netlink command even guaranteed to be run in the same context as
> the person sending it?
> After all, it comes in as a packet of data.  How synchronous is the
> genetlink thing guaranteed to be in the first place?
> IOW, are *any* of those "check current capabilities/euid" approaches
> really guaranteed to be valid? Are they valid today, will they
> necessarily be valid in a year?

Netlink was made syncronous by commit cd40b7d3983c708aabe3d3008ec64ffce56d33b0
"[NET]: make netlink user -> kernel interface synchronious".

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.