Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 14 Feb 2017 23:34:12 +1100 (AEDT)
From: James Morris <jmorris@...ei.org>
To: Tetsuo Handa <penguin-kernel@...ove.SAKURA.ne.jp>
cc: keescook@...omium.org, linux-security-module@...r.kernel.org,
        kernel-hardening@...ts.openwall.com
Subject: Re: Re: [RFC PATCH 1/4] security: mark LSM hooks
 as __ro_after_init

On Tue, 14 Feb 2017, James Morris wrote:

> As mentioned above, we are trying to harden the LSM framework against 
> being an attack vector.  We are not trying to harden it against an already 
> compromised kernel.

I should clarify here -- by already compromised, I mean specifically in 
terms of the attacker being able to bypass/change RO kernel pages.

-- 
James Morris
<jmorris@...ei.org>

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.