subject:"\[PATCH v6 7\/7\] ima\: add policy support for the new file open MAY

Re: [PATCH v6 7/7] ima: add policy support for the new file open MAY_OPENEXEC flag

2020-07-16 Thread Kees Cook

On Thu, Jul 16, 2020 at 07:59:20AM -0700, Randy Dunlap wrote: > On 7/16/20 7:40 AM, Mickaël Salaün wrote: > > > > On 15/07/2020 22:40, Kees Cook wrote: > >> On Tue, Jul 14, 2020 at 08:16:38PM +0200, Mickaël Salaün wrote: > >>> From: Mimi Zohar > >>> > >>> The kernel has no way of differentiating

Re: [PATCH v6 7/7] ima: add policy support for the new file open MAY_OPENEXEC flag

2020-07-16 Thread Kees Cook

On Thu, Jul 16, 2020 at 04:40:15PM +0200, Mickaël Salaün wrote: > > On 15/07/2020 22:40, Kees Cook wrote: > > On Tue, Jul 14, 2020 at 08:16:38PM +0200, Mickaël Salaün wrote: > >> From: Mimi Zohar > >> > >> The kernel has no way of differentiating between a file containing data > >> or code being

Re: [PATCH v6 7/7] ima: add policy support for the new file open MAY_OPENEXEC flag

2020-07-16 Thread Mickaël Salaün

On 16/07/2020 16:59, Randy Dunlap wrote: > On 7/16/20 7:40 AM, Mickaël Salaün wrote: >> >> On 15/07/2020 22:40, Kees Cook wrote: >>> On Tue, Jul 14, 2020 at 08:16:38PM +0200, Mickaël Salaün wrote: From: Mimi Zohar The kernel has no way of differentiating between a file containing

Re: [PATCH v6 7/7] ima: add policy support for the new file open MAY_OPENEXEC flag

2020-07-16 Thread Randy Dunlap

On 7/16/20 7:40 AM, Mickaël Salaün wrote: > > On 15/07/2020 22:40, Kees Cook wrote: >> On Tue, Jul 14, 2020 at 08:16:38PM +0200, Mickaël Salaün wrote: >>> From: Mimi Zohar >>> >>> The kernel has no way of differentiating between a file containing data >>> or code being opened by an interpreter.

Re: [PATCH v6 7/7] ima: add policy support for the new file open MAY_OPENEXEC flag

2020-07-16 Thread Mickaël Salaün

On 15/07/2020 22:40, Kees Cook wrote: > On Tue, Jul 14, 2020 at 08:16:38PM +0200, Mickaël Salaün wrote: >> From: Mimi Zohar >> >> The kernel has no way of differentiating between a file containing data >> or code being opened by an interpreter. The proposed O_MAYEXEC >> openat2(2) flag bridges

Re: [PATCH v6 7/7] ima: add policy support for the new file open MAY_OPENEXEC flag

2020-07-15 Thread Kees Cook

On Tue, Jul 14, 2020 at 08:16:38PM +0200, Mickaël Salaün wrote: > From: Mimi Zohar > > The kernel has no way of differentiating between a file containing data > or code being opened by an interpreter. The proposed O_MAYEXEC > openat2(2) flag bridges this gap by defining and enabling the > MAY_OP

[PATCH v6 7/7] ima: add policy support for the new file open MAY_OPENEXEC flag

2020-07-14 Thread Mickaël Salaün

From: Mimi Zohar The kernel has no way of differentiating between a file containing data or code being opened by an interpreter. The proposed O_MAYEXEC openat2(2) flag bridges this gap by defining and enabling the MAY_OPENEXEC flag. This patch adds IMA policy support for the new MAY_OPENEXEC fl

Re: [PATCH v6 7/7] ima: add policy support for the new file open MAY_OPENEXEC flag

Re: [PATCH v6 7/7] ima: add policy support for the new file open MAY_OPENEXEC flag

Re: [PATCH v6 7/7] ima: add policy support for the new file open MAY_OPENEXEC flag

Re: [PATCH v6 7/7] ima: add policy support for the new file open MAY_OPENEXEC flag

Re: [PATCH v6 7/7] ima: add policy support for the new file open MAY_OPENEXEC flag

Re: [PATCH v6 7/7] ima: add policy support for the new file open MAY_OPENEXEC flag

[PATCH v6 7/7] ima: add policy support for the new file open MAY_OPENEXEC flag

7 matches

Site Navigation

Mail list logo

Footer information