On Fri, 9 Mar 2018, Kees Cook wrote:
> The LSM check should happen after the file has been confirmed to be
> unchanging. Without this, we could have a race between the Time of Check
> (the call to security_kernel_read_file() which could read the file and
> make access policy decisions) and the Tim
On Fri, 9 Mar 2018, Kees Cook wrote:
> The LSM check should happen after the file has been confirmed to be
> unchanging. Without this, we could have a race between the Time of Check
> (the call to security_kernel_read_file() which could read the file and
> make access policy decisions) and the Tim
On Fri, 2018-03-09 at 11:54 -0800, Kees Cook wrote:
> On Fri, Mar 9, 2018 at 11:47 AM, Linus Torvalds
> wrote:
> > On Fri, Mar 9, 2018 at 11:30 AM, Kees Cook wrote:
> >> The LSM check should happen after the file has been confirmed to be
> >> unchanging. Without this, we could have a race between
On Fri, Mar 9, 2018 at 11:47 AM, Linus Torvalds
wrote:
> On Fri, Mar 9, 2018 at 11:30 AM, Kees Cook wrote:
>> The LSM check should happen after the file has been confirmed to be
>> unchanging. Without this, we could have a race between the Time of Check
>> (the call to security_kernel_read_file()
On Fri, Mar 9, 2018 at 11:30 AM, Kees Cook wrote:
> The LSM check should happen after the file has been confirmed to be
> unchanging. Without this, we could have a race between the Time of Check
> (the call to security_kernel_read_file() which could read the file and
> make access policy decisions
The LSM check should happen after the file has been confirmed to be
unchanging. Without this, we could have a race between the Time of Check
(the call to security_kernel_read_file() which could read the file and
make access policy decisions) and the Time of Use (starting with
kernel_read_file()'s r
6 matches
Mail list logo
