On 2012-11-19 Monday at 10:14 -0800 Kees Cook wrote:
> On Fri, Nov 16, 2012 at 4:39 PM, Kay Sievers wrote:
> > On Sat, Nov 17, 2012 at 1:27 AM, Greg Kroah-Hartman
> > wrote:
> >> On Fri, Nov 16, 2012 at 04:20:16PM -0800, Kees Cook wrote:
> >>> Since devtmpfs is writable, make the default noexec n
On Fri, Nov 16, 2012 at 4:39 PM, Kay Sievers wrote:
> On Sat, Nov 17, 2012 at 1:27 AM, Greg Kroah-Hartman
> wrote:
>> On Fri, Nov 16, 2012 at 04:20:16PM -0800, Kees Cook wrote:
>>> Since devtmpfs is writable, make the default noexec nosuid as well. This
>>> protects from the case of a privileged
On Sat, Nov 17, 2012 at 1:27 AM, Greg Kroah-Hartman
wrote:
> On Fri, Nov 16, 2012 at 04:20:16PM -0800, Kees Cook wrote:
>> Since devtmpfs is writable, make the default noexec nosuid as well. This
>> protects from the case of a privileged process having an arbitrary file
>> write flaw and an argume
On Fri, Nov 16, 2012 at 4:27 PM, Greg Kroah-Hartman
wrote:
> On Fri, Nov 16, 2012 at 04:20:16PM -0800, Kees Cook wrote:
>> Since devtmpfs is writable, make the default noexec nosuid as well. This
>> protects from the case of a privileged process having an arbitrary file
>> write flaw and an argume
On Fri, Nov 16, 2012 at 04:20:16PM -0800, Kees Cook wrote:
> Since devtmpfs is writable, make the default noexec nosuid as well. This
> protects from the case of a privileged process having an arbitrary file
> write flaw and an argumentless arbitrary execution (i.e. it would lack
> the ability to r
Since devtmpfs is writable, make the default noexec nosuid as well. This
protects from the case of a privileged process having an arbitrary file
write flaw and an argumentless arbitrary execution (i.e. it would lack
the ability to run "mount -o remount,exec,suid /dev"), with a system
that already h
6 matches
Mail list logo
