Date: Tue, 7 Nov 2017 13:11:00 -0800 From: Linus Torvalds <torvalds@...ux-foundation.org> To: "Tobin C. Harding" <me@...in.cc> Cc: David Laight <David.Laight@...lab.com>, "kernel-hardening@...ts.openwall.com" <kernel-hardening@...ts.openwall.com>, "Jason A. Donenfeld" <Jason@...c4.com>, "Theodore Ts'o" <tytso@....edu>, Kees Cook <keescook@...omium.org>, Paolo Bonzini <pbonzini@...hat.com>, Tycho Andersen <tycho@...ker.com>, "Roberts, William C" <william.c.roberts@...el.com>, Tejun Heo <tj@...nel.org>, Jordan Glover <Golden_Miller83@...tonmail.ch>, Greg KH <gregkh@...uxfoundation.org>, Petr Mladek <pmladek@...e.com>, Joe Perches <joe@...ches.com>, Ian Campbell <ijc@...lion.org.uk>, Sergey Senozhatsky <sergey.senozhatsky@...il.com>, Catalin Marinas <catalin.marinas@....com>, Will Deacon <wilal.deacon@....com>, Steven Rostedt <rostedt@...dmis.org>, Chris Fries <cfries@...gle.com>, Dave Weinstein <olorin@...gle.com>, Daniel Micay <danielmicay@...il.com>, Djalal Harouni <tixxdz@...il.com>, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, Network Development <netdev@...r.kernel.org>, David Miller <davem@...emloft.net> Subject: Re: [PATCH v4] scripts: add leaking_addresses.pl On Tue, Nov 7, 2017 at 12:58 PM, Tobin C. Harding <me@...in.cc> wrote: > > Interesting idea. Isn't the same outcome already achieved with > dmesg_restrict. I appreciate that this does beg the question 'why are we > scanning dmesg then?' dmesg_restrict is even more asinine than kptr_restrict. It's a completely idiotic flag, only useful for distributions that then also refuse to show system journals to regular users. And such distributions are garbage, since that also effectively means that users can't sanely make bug reports etc. In other words, the whole 'dmesg_restrict' is the _classic_ case of so-called "security" people who make bad decisions, and play security theater. This is exactly the kind of crap that the grsecurity people came up with, and I'm sorry it was ever back-ported into the mainline kernel, because it's f*cking retarded. I often wish that security people used their brains more than they actually seem to do. Because a lot of them don't actually seem to ever look at the big picture, and they do these kinds of security theater garbage patches that don't actually help anything what-so-ever, but make people say "that's good security". And yes, the same would _very_ much be true of anything that just hides the pointers from users when they read dmesg. It wouldn't be sufficient to change the kernel, you also would have to change every single program that implements system logging, and once you did that, you'd have screwed up system debuggability. So really, people - start thinking critically about security. That VERY MUCH also means starting to thinking critically about things that people _claim_ are a security feature. Linus
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.