On 04/05, Eric W. Biederman wrote:
>
> Oleg Nesterov writes:
>
> >> --- a/kernel/signal.c
> >> +++ b/kernel/signal.c
> >> @@ -995,6 +995,10 @@ static int __send_signal(int sig, struct siginfo
> >> *info, struct task_struct *t,
> >>from_ancestor_ns || (info ==
On 04/05, Eric W. Biederman wrote:
>
> Oleg Nesterov writes:
>
> >> --- a/kernel/signal.c
> >> +++ b/kernel/signal.c
> >> @@ -995,6 +995,10 @@ static int __send_signal(int sig, struct siginfo
> >> *info, struct task_struct *t,
> >>from_ancestor_ns || (info ==
Oleg Nesterov writes:
> On 04/02, Eric W. Biederman wrote:
>>
>> Add exec_id to signal_struct and compare it at a few choice moments.
>
> I really dislike this change no matter what, sorry.
>
> Firstly, task_struct->*_exec_id should simply die (I already have the
> patch), or at
Oleg Nesterov writes:
> On 04/02, Eric W. Biederman wrote:
>>
>> Add exec_id to signal_struct and compare it at a few choice moments.
>
> I really dislike this change no matter what, sorry.
>
> Firstly, task_struct->*_exec_id should simply die (I already have the
> patch), or at least they
On 04/02, Eric W. Biederman wrote:
>
> Add exec_id to signal_struct and compare it at a few choice moments.
I really dislike this change no matter what, sorry.
Firstly, task_struct->*_exec_id should simply die (I already have the
patch), or at least they should be moved into signal_struct simply
On 04/02, Eric W. Biederman wrote:
>
> Add exec_id to signal_struct and compare it at a few choice moments.
I really dislike this change no matter what, sorry.
Firstly, task_struct->*_exec_id should simply die (I already have the
patch), or at least they should be moved into signal_struct simply
Add exec_id to signal_struct and compare it at a few choice moments.
I believe this closes the security holes that letting the zombie
threads linger after exec opens up.
The problem is that old threads may have different creds after a setuid
exec, and then formerly shared resources may change.
Add exec_id to signal_struct and compare it at a few choice moments.
I believe this closes the security holes that letting the zombie
threads linger after exec opens up.
The problem is that old threads may have different creds after a setuid
exec, and then formerly shared resources may change.
8 matches
Mail list logo