On 06/24/2016 05:18 PM, Casey Schaufler wrote:
On 6/24/2016 1:40 AM, Michael Kerrisk (man-pages) wrote:
On 06/22/2016 11:11 PM, Kees Cook wrote:
On Wed, Jun 22, 2016 at 12:21 PM, Michael Kerrisk (man-pages)
wrote:
On 06/21/2016 10:55 PM, Jann Horn wrote:
On Tue, Jun 21, 2016 at 11:41:16AM
On Fri, Jun 24, 2016 at 8:18 AM, Casey Schaufler wrote:
> On 6/24/2016 1:40 AM, Michael Kerrisk (man-pages) wrote:
>> So, I just want to check my understanding of a couple of points:
>>
>> 1. The commoncap LSM is invoked first, and if it denies access,
>>then no further LSM is/needs to be call
On 6/24/2016 1:40 AM, Michael Kerrisk (man-pages) wrote:
> On 06/22/2016 11:11 PM, Kees Cook wrote:
>> On Wed, Jun 22, 2016 at 12:21 PM, Michael Kerrisk (man-pages)
>> wrote:
>>> On 06/21/2016 10:55 PM, Jann Horn wrote:
On Tue, Jun 21, 2016 at 11:41:16AM +0200, Michael Kerrisk (man-pages)
>
Hi Eric,
On 06/23/2016 09:04 PM, Eric W. Biederman wrote:
"Michael Kerrisk (man-pages)" writes:
Hi Eric,
On 06/21/2016 09:55 PM, Eric W. Biederman wrote:
Hmm.
When I gave this level of detail about the user namespace permission
checks you gave me some flack, because it was not particularly
On 06/22/2016 11:11 PM, Kees Cook wrote:
On Wed, Jun 22, 2016 at 12:21 PM, Michael Kerrisk (man-pages)
wrote:
On 06/21/2016 10:55 PM, Jann Horn wrote:
On Tue, Jun 21, 2016 at 11:41:16AM +0200, Michael Kerrisk (man-pages)
wrote:
5. The kernel LSM security_ptrace_access_check() interfa
Stephen,
On 06/23/2016 08:05 PM, Stephen Smalley wrote:
On 06/21/2016 05:41 AM, Michael Kerrisk (man-pages) wrote:
Hi Jann, Stephen, et al.
Jann, since you recently committed a patch in this area, and Stephen,
since you committed 006ebb40d3d much further back in time, I wonder if
you might hel
On 06/23/2016 08:56 PM, Eric W. Biederman wrote:
"Michael Kerrisk (man-pages)" writes:
Hi Oleg,
On 06/22/2016 11:51 PM, Oleg Nesterov wrote:
On 06/21, Eric W. Biederman wrote:
Adding Oleg just because he seems to do most of the ptrace related
maintenance these days.
so I have to admit th
On Thu, Jun 23, 2016 at 09:42:09AM +0200, Michael Kerrisk (man-pages) wrote:
> Hi Jann,
>
> Thanks for your further review. Follow-up of one point below.
>
> On 06/23/2016 12:44 AM, Jann Horn wrote:
> >On Wed, Jun 22, 2016 at 09:21:29PM +0200, Michael Kerrisk (man-pages) wrote:
> >>On 06/21/2016
"Michael Kerrisk (man-pages)" writes:
> Hi Eric,
>
> On 06/21/2016 09:55 PM, Eric W. Biederman wrote:
>> Hmm.
>>
>> When I gave this level of detail about the user namespace permission
>> checks you gave me some flack, because it was not particularly
>> comprehensible to the end users. I think y
"Michael Kerrisk (man-pages)" writes:
> Hi Oleg,
>
> On 06/22/2016 11:51 PM, Oleg Nesterov wrote:
>> On 06/21, Eric W. Biederman wrote:
>>>
>>> Adding Oleg just because he seems to do most of the ptrace related
>>> maintenance these days.
>>
>> so I have to admit that I never even tried to actual
On 06/21/2016 05:41 AM, Michael Kerrisk (man-pages) wrote:
> Hi Jann, Stephen, et al.
>
> Jann, since you recently committed a patch in this area, and Stephen,
> since you committed 006ebb40d3d much further back in time, I wonder if
> you might help me by reviewing the text below that I propose to
Hi Jann,
Thanks for your further review. Follow-up of one point below.
On 06/23/2016 12:44 AM, Jann Horn wrote:
On Wed, Jun 22, 2016 at 09:21:29PM +0200, Michael Kerrisk (man-pages) wrote:
On 06/21/2016 10:55 PM, Jann Horn wrote:
On Tue, Jun 21, 2016 at 11:41:16AM +0200, Michael Kerrisk (man-
Hi Oleg,
On 06/22/2016 11:51 PM, Oleg Nesterov wrote:
On 06/21, Eric W. Biederman wrote:
Adding Oleg just because he seems to do most of the ptrace related
maintenance these days.
so I have to admit that I never even tried to actually understand
ptrace_may_access ;)
We certainly need somet
On 06/22/2016 11:11 PM, Kees Cook wrote:
On Wed, Jun 22, 2016 at 12:21 PM, Michael Kerrisk (man-pages)
wrote:
On 06/21/2016 10:55 PM, Jann Horn wrote:
On Tue, Jun 21, 2016 at 11:41:16AM +0200, Michael Kerrisk (man-pages)
wrote:
5. The kernel LSM security_ptrace_access_check() interfa
On Wed, Jun 22, 2016 at 09:21:29PM +0200, Michael Kerrisk (man-pages) wrote:
> On 06/21/2016 10:55 PM, Jann Horn wrote:
> >On Tue, Jun 21, 2016 at 11:41:16AM +0200, Michael Kerrisk (man-pages) wrote:
> >>Here's the new ptrace(2) text. Any comments, technical or terminological
> >>fixes, other impro
On 06/21, Eric W. Biederman wrote:
>
> Adding Oleg just because he seems to do most of the ptrace related
> maintenance these days.
so I have to admit that I never even tried to actually understand
ptrace_may_access ;)
> We certainly need something that gives a high level view so people
> reading
On Wed, Jun 22, 2016 at 12:21 PM, Michael Kerrisk (man-pages)
wrote:
> On 06/21/2016 10:55 PM, Jann Horn wrote:
>> On Tue, Jun 21, 2016 at 11:41:16AM +0200, Michael Kerrisk (man-pages)
>> wrote:
>>>5. The kernel LSM security_ptrace_access_check() interface is
>>>invoked to se
Hi Jann,
On 06/21/2016 10:55 PM, Jann Horn wrote:
On Tue, Jun 21, 2016 at 11:41:16AM +0200, Michael Kerrisk (man-pages) wrote:
Hi Jann, Stephen, et al.
Jann, since you recently committed a patch in this area, and Stephen,
since you committed 006ebb40d3d much further back in time, I wonder if
Hi Kees,
On 06/21/2016 10:29 PM, Kees Cook wrote:
On Tue, Jun 21, 2016 at 12:55 PM, Eric W. Biederman
wrote:
Adding Oleg just because he seems to do most of the ptrace related
maintenance these days.
"Michael Kerrisk (man-pages)" writes:
Hi Jann, Stephen, et al.
Jann, since you recently
Hi Eric,
On 06/21/2016 09:55 PM, Eric W. Biederman wrote:
Adding Oleg just because he seems to do most of the ptrace related
maintenance these days.
"Michael Kerrisk (man-pages)" writes:
Hi Jann, Stephen, et al.
Jann, since you recently committed a patch in this area, and Stephen,
since yo
On Tue, Jun 21, 2016 at 11:41:16AM +0200, Michael Kerrisk (man-pages) wrote:
> Hi Jann, Stephen, et al.
>
> Jann, since you recently committed a patch in this area, and Stephen,
> since you committed 006ebb40d3d much further back in time, I wonder if
> you might help me by reviewing the text below
Kees Cook writes:
> On Tue, Jun 21, 2016 at 12:55 PM, Eric W. Biederman
> wrote:
>
>> "Michael Kerrisk (man-pages)" writes:
>>
>>>The algorithm employed for ptrace access mode checking deter‐
>>>mines whether the calling process is allowed to perform the
>>>corresp
On Tue, Jun 21, 2016 at 12:55 PM, Eric W. Biederman
wrote:
>
> Adding Oleg just because he seems to do most of the ptrace related
> maintenance these days.
>
> "Michael Kerrisk (man-pages)" writes:
>
>> Hi Jann, Stephen, et al.
>>
>> Jann, since you recently committed a patch in this area, and St
Adding Oleg just because he seems to do most of the ptrace related
maintenance these days.
"Michael Kerrisk (man-pages)" writes:
> Hi Jann, Stephen, et al.
>
> Jann, since you recently committed a patch in this area, and Stephen,
> since you committed 006ebb40d3d much further back in time, I wo
24 matches
Mail list logo
