[20427] in bugtraq


Re: Linux patches to solve /tmp race problem

daemon@ATHENA.MIT.EDU (Crispin Cowan)
Wed Apr 25 01:58:14 2001

MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-ID:  <3AE4CDDF.107CD954@wirex.com>
Date:         Mon, 23 Apr 2001 17:50:39 -0700
Reply-To: crispin@WIREX.COM
From: Crispin Cowan <crispin@WIREX.COM>
X-To:         matthew@DATADELIVERANCE.COM
To: BUGTRAQ@SECURITYFOCUS.COM

"Donaldson, Matthew" wrote:

> I disagree.  You might not like the design behind it, but that does not mean
> there isn't any.  Just because it is not in a kernel module doesn't mean it
> is inherently un-designed and bad.  In fact, a lot of thought has gone into
> its design.

Perhaps instead of battling to get the kernel maintainers to accept this patch,
you'd consider actually making it a module.  We're working on a Linux Security
Module (LSM) extension to the existing module interface, precisely so that the
kernel maintainers don't have to wrangle with whether or not to accept a given
security patch.

If you're interested in modularizing your work, then we need your input on what
hooks the LSM should provide to modules.  E.g. some discussion today came up about
whether we have sufficient hooks in place to support Solar Designer's "don't let
suid programs follow symlinks in sticky-bit dirs" patch.  We need your input on the
LSM interface if it is to support your enhancement.

Subscribe here: http://mail.wirex.com/mailman/listinfo/linux-security-module

Crispin

--
Crispin Cowan, Ph.D.
Chief Scientist, WireX Communications, Inc. http://wirex.com
Security Hardened Linux Distribution:       http://immunix.org
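A userspace analogue of the policy the thread discusses (refusing to follow a symlink in a sticky-bit directory such as /tmp, plus an ownership check on what was actually opened), as an added C example that is not code from this thread, from Solar Designer's patch or from the LSM project; it assumes a writable /tmp and uses the hypothetical function names open_in_sticky_dir and demo_sticky_policy:

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <libgen.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>
/* Does the directory containing `path` have the sticky bit (S_ISVTX) set? */
static int parent_is_sticky(const char *path) {
    char buf[PATH_MAX];
    struct stat st;
    if (snprintf(buf, sizeof buf, "%s", path) >= (int)sizeof buf) return 0;
    if (stat(dirname(buf), &st) < 0) return 0;
    return S_ISDIR(st.st_mode) && (st.st_mode & S_ISVTX) != 0;
}
/* Open `path` read/write. Inside a sticky-bit directory (e.g. /tmp) refuse to
 * follow a symlink at the final component, and refuse any file that is not a
 * regular file owned by the caller. Returns an fd, or -1 with errno set. */
int open_in_sticky_dir(const char *path) {
    int flags = O_RDWR | O_NOCTTY;
    struct stat st;
    if (parent_is_sticky(path)) flags |= O_NOFOLLOW; /* open() gives ELOOP on a symlink */
    int fd = open(path, flags);
    if (fd < 0) return -1;
    if (fstat(fd, &st) < 0 || !S_ISREG(st.st_mode) || st.st_uid != geteuid()) {
        close(fd); errno = EPERM; return -1;
    }
    return fd;
}
/* Constructed scenario (hypothetical): a sticky directory holding a regular file
 * and a symlink to it. Returns 1 when the file opens and the symlink is refused. */
int demo_sticky_policy(void) {
    char dir[] = "/tmp/sticky_demo_XXXXXX", file[PATH_MAX], lnk[PATH_MAX];
    int fd, a, b, ok = 0;
    if (!mkdtemp(dir) || chmod(dir, S_IRWXU | S_ISVTX) < 0) return 0;
    snprintf(file, sizeof file, "%s/data", dir);
    snprintf(lnk, sizeof lnk, "%s/link", dir);
    if ((fd = open(file, O_CREAT | O_EXCL | O_WRONLY, 0600)) >= 0) close(fd);
    if (fd >= 0 && symlink("data", lnk) == 0) {
        a = open_in_sticky_dir(file); /* regular file owned by us: allowed */
        b = open_in_sticky_dir(lnk);  /* symlink in a sticky dir: refused */
        ok = a >= 0 && b < 0;
        if (a >= 0) close(a);
    }
    unlink(lnk); unlink(file); rmdir(dir);
    return ok;
}
```

The check is a userspace stand-in for what the kernel patch enforces for every suid program; an application-level open wrapper only protects callers that use it.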
