Re: [PATCH v6 4/8] security/brute: Fine tuning the attack detection

On Sat, Mar 20, 2021 at 04:46:48PM +0100, John Wood wrote: > On Wed, Mar 17, 2021 at 09:00:51PM -0700, Kees Cook wrote: > > On Sun, Mar 07, 2021 at 12:30:27PM +0100, John Wood wrote: > > > +/** > > > + * brute_reset_stats() - Reset the statistical data. > > > + * @stats: Statistics to be reset. > >

Re: [PATCH v6 4/8] security/brute: Fine tuning the attack detection

On Wed, Mar 17, 2021 at 09:00:51PM -0700, Kees Cook wrote: > On Sun, Mar 07, 2021 at 12:30:27PM +0100, John Wood wrote: > > #include > > +#include > > +#include > > +#include > > +#include > > #include > > #include > > +#include > > +#include > > #include > > +#include > > #include

Re: [PATCH v6 4/8] security/brute: Fine tuning the attack detection

On Sun, Mar 07, 2021 at 12:30:27PM +0100, John Wood wrote: > To avoid false positives during the attack detection it is necessary to > narrow the possible cases. Only the following scenarios are taken into > account: > > 1.- Launching (fork()/exec()) a setuid/setgid process repeatedly until a >

[PATCH v6 4/8] security/brute: Fine tuning the attack detection

To avoid false positives during the attack detection it is necessary to narrow the possible cases. Only the following scenarios are taken into account: 1.- Launching (fork()/exec()) a setuid/setgid process repeatedly until a desirable memory layout is got (e.g. Stack Clash). 2.- Connecting to