From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id 4E97298F for ; Wed, 20 Jul 2016 06:43:03 +0000 (UTC) Received: from helcar.hengli.com.au (helcar.hengli.com.au [209.40.204.226]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 2AB2A79 for ; Wed, 20 Jul 2016 06:43:01 +0000 (UTC) Date: Wed, 20 Jul 2016 14:42:28 +0800 From: Herbert Xu To: "Eric W. Biederman" Message-ID: <20160720064228.GA32737@gondor.apana.org.au> References: <20160711173329.GA8240@pc.thejh.net> <87y44xr5zp.fsf@x220.int.ebiederm.org> <8737n5caz8.fsf@x220.int.ebiederm.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <8737n5caz8.fsf@x220.int.ebiederm.org> Cc: Jann Horn , "ksummit-discuss@lists.linuxfoundation.org" Subject: Re: [Ksummit-discuss] [TOPIC] kernel hardening / self-protection / whatever List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , On Tue, Jul 19, 2016 at 09:14:03PM -0500, Eric W. Biederman wrote: > True. I tried to review things to make certain they were safe in user > namespaces when I enabled things but clearly a few things slipped > through the cracks. What's worse is that after you enable them someone else can come along and add a new piece of functionality but still assuming that only root has access to it. I encountered this with netfilter and rhashtable where the argument put forward was that as long as only root had access to a hash table then we don't have to worry about hash collissions. Cheers, -- Email: Herbert Xu Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt