Re: enhance sysctl kern.expose_address

To: Jason Thorpe <thorpej%me.com@localhost>
Subject: Re: enhance sysctl kern.expose_address
From: David Holland <dholland-tech%netbsd.org@localhost>
Date: Fri, 7 Dec 2018 18:28:29 +0000

On Wed, Dec 05, 2018 at 08:47:58AM -0800, Jason Thorpe wrote:
 > Also, should PK_KMEM be inherited across fork?  What if a process
 > opens /dev/kmem, and then forks/execs a helper to do the work,
 > passing the file descriptor along with it?  #CanOfWorms

I would go so far as to say that non-root non-setugid processes
shouldn't be allowed to have file handles for /dev/kmem.

Then again I'd also say /dev/kmem shouldn't exist :-)

-- 
David A. Holland
dholland%netbsd.org@localhost

References:
- enhance sysctl kern.expose_address
  - From: Christos Zoulas
- Re: enhance sysctl kern.expose_address
  - From: Jason Thorpe
- Re: enhance sysctl kern.expose_address
  - From: Jason Thorpe

Prev by Date: Re: noatime mounts inhibiting atime updates via utime()
Next by Date: Adding new feature - Kcov
Previous by Thread: Re: enhance sysctl kern.expose_address
Next by Thread: Re: enhance sysctl kern.expose_address
Indexes:

Home | Main Index | Thread Index | Old Index