Re: [PATCH] [SECURITY] suid procs exec'd with bad 0,1,2 fds

John Alvord (jalvo@cloud9.net)
Tue, 4 Aug 1998 16:18:31 -0400 (EDT)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: H. Peter Anvin: "Re: mount-2.8a"
Previous message: Terry L Ridder: "CIAO graphs of Linux-2.0.34 (was Re: Static analysis of the Linux kernel)"
In reply to: Theodore Y. Ts'o: "Re: [PATCH] [SECURITY] suid procs exec'd with bad 0,1,2 fds"
Next in thread: Alan Cox: "Re: [PATCH] [SECURITY] suid procs exec'd with bad 0,1,2 fds"
Next in thread: Jon Lewis: "Re: [PATCH] [SECURITY] suid procs exec'd with bad 0,1,2 fds"

On Tue, 4 Aug 1998, Theodore Y. Ts'o wrote:

> This is not a technical argument, then, but a social one. This doesn't
> mean that we shouldn't put the stack hack into mainline at some point.
> It just means we have to be careful how we market it, and make sure
> developers still worry about stack overruns.

Doesn't the attack warning log tend to sensitize developers, increasing
the worry factor?

john alvord

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.altern.org/andrebalsa/doc/lkml-faq.html

Next message: H. Peter Anvin: "Re: mount-2.8a"
Previous message: Terry L Ridder: "CIAO graphs of Linux-2.0.34 (was Re: Static analysis of the Linux kernel)"
In reply to: Theodore Y. Ts'o: "Re: [PATCH] [SECURITY] suid procs exec'd with bad 0,1,2 fds"
Next in thread: Alan Cox: "Re: [PATCH] [SECURITY] suid procs exec'd with bad 0,1,2 fds"
Next in thread: Jon Lewis: "Re: [PATCH] [SECURITY] suid procs exec'd with bad 0,1,2 fds"