Re: core statement on fexecve, O_EXEC, and O_SEARCH

To: "Roland C. Dowdeswell" <elric%imrryr.org@localhost>
Subject: Re: core statement on fexecve, O_EXEC, and O_SEARCH
From: Robert Elz <kre%munnari.OZ.AU@localhost>
Date: Wed, 05 Dec 2012 19:10:17 +0700

    Date:        Wed, 5 Dec 2012 03:02:09 +0000
    From:        "Roland C. Dowdeswell" <elric%imrryr.org@localhost>
    Message-ID:  <20121205030209.GV1713%mournblade.imrryr.org@localhost>

  | Let's not lose sight of the fact that chroot can most certainly
  | compromise security if used improperly

Yes, of course, there can be security issues with almost everything,
and with this more than many - I wasn't intending to say that seurity
can be ignored when using chroot (it is a root only facility for good
reason, and should be used with as much care as any other root only
facility), just that if we stop seeing it as a security solution, then
when other things are being considered, we can stop worrying whether
or not they defeat chroot's "security solution" or not.

kre

References:
- Re: core statement on fexecve, O_EXEC, and O_SEARCH
  - From: Roland C. Dowdeswell
- Re: core statement on fexecve, O_EXEC, and O_SEARCH
  - From: Alan Barrett
- core statement on fexecve, O_EXEC, and O_SEARCH
  - From: Alan Barrett
- Re: core statement on fexecve, O_EXEC, and O_SEARCH
  - From: Emmanuel Dreyfus
- Re: core statement on fexecve, O_EXEC, and O_SEARCH
  - From: Michael van Elst
- Re: core statement on fexecve, O_EXEC, and O_SEARCH
  - From: Robert Elz

Prev by Date: Re: Porting Corosync/Pacemaker - Help needed with gdb
Next by Date: Re: Porting Corosync/Pacemaker - Help needed with gdb
Previous by Thread: Re: core statement on fexecve, O_EXEC, and O_SEARCH
Next by Thread: Re: core statement on fexecve, O_EXEC, and O_SEARCH
Indexes:

Home | Main Index | Thread Index | Old Index