Date: Tue, 30 May 2017 19:40:33 -0400 From: Daniel Micay <danielmicay@...il.com> To: Matt Brown <matt@...tt.com>, Nick Kralevich <nnk@...gle.com>, Stephen Smalley <sds@...ho.nsa.gov>, Alan Cox <gnomes@...rguk.ukuu.org.uk>, Kees Cook <keescook@...omium.org> Cc: Casey Schaufler <casey@...aufler-ca.com>, Boris Lukashev <blukashev@...pervictus.com>, Greg KH <gregkh@...uxfoundation.org>, "Serge E. Hallyn" <serge@...lyn.com>, kernel-hardening@...ts.openwall.com, linux-security-module <linux-security-module@...r.kernel.org>, linux-kernel <linux-kernel@...r.kernel.org> Subject: Re: Re: [PATCH v7 2/2] security: tty: make TIOCSTI ioctl require CAP_SYS_ADMIN On Tue, 2017-05-30 at 19:00 -0400, Matt Brown wrote: > On 5/30/17 4:22 PM, Daniel Micay wrote: > > > Thanks, I didn't know that android was doing this. I still think > > > this > > > feature > > > is worthwhile for people to be able to harden their systems > > > against > > > this attack > > > vector without having to implement a MAC. > > > > Since there's a capable LSM hook for ioctl already, it means it > > could go > > in Yama with ptrace_scope but core kernel code would still need to > > be > > changed to track the owning tty. I think Yama vs. core kernel > > shouldn't > > matter much anymore due to stackable LSMs. > > > > What does everyone think about a v8 that moves this feature under Yama > and uses > the file_ioctl LSM hook? It would only make a difference if it could be fully contained there, as in not depending on tracking the tty owner.
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.