Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 14 Feb 2017 23:34:12 +1100 (AEDT)
From: James Morris <>
To: Tetsuo Handa <>
Subject: Re: Re: [RFC PATCH 1/4] security: mark LSM hooks
 as __ro_after_init

On Tue, 14 Feb 2017, James Morris wrote:

> As mentioned above, we are trying to harden the LSM framework against 
> being an attack vector.  We are not trying to harden it against an already 
> compromised kernel.

I should clarify here -- by already compromised, I mean specifically in 
terms of the attacker being able to bypass/change RO kernel pages.

James Morris

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.