Date: Fri, 9 Apr 2021 08:06:21 -0700 From: Andi Kleen <ak@...ux.intel.com> To: John Wood <john.wood@....com> Cc: Valdis Klētnieks <valdis.kletnieks@...edu>, kernelnewbies@...nelnewbies.org, Kees Cook <keescook@...omium.org>, kernel-hardening@...ts.openwall.com Subject: Re: Notify special task kill using wait* functions > > Any caching of state is inherently insecure because any caches of limited > > size can be always thrashed by a purposeful attacker. I suppose the > > only thing that would work is to actually write something to the > > executable itself on disk, but of course that doesn't always work either. > > I'm also working on this. In the next version I will try to find a way to > prevent brute force attacks through the execve system call with more than > one level of forking. Thanks. Thinking more about it what I wrote above wasn't quite right. The cache would only need to be as big as the number of attackable services/suid binaries. Presumably on many production systems that's rather small, so a cache (which wouldn't actually be a cache, but a complete database) might actually work. -Andi
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.