Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752498AbeACMME (ORCPT + 1 other); Wed, 3 Jan 2018 07:12:04 -0500 Received: from mail-ua0-f196.google.com ([209.85.217.196]:38169 "EHLO mail-ua0-f196.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751849AbeACMMC (ORCPT ); Wed, 3 Jan 2018 07:12:02 -0500 X-Google-Smtp-Source: ACJfBotd8BtOLIlTJWkc5vyTk3s/NsQGptlsOJzW6zCBam3AWei2ExKLixedSzN9zSFBpE7As9E+6w== Date: Wed, 3 Jan 2018 07:11:58 -0500 From: Tom Horsley To: "Serge E. Hallyn" Cc: Kees Cook , Linus Torvalds , Laura Abbott , David Howells , James Morris , linux-kernel@vger.kernel.org Subject: Re: [PATCH] exec: Weaken dumpability for secureexec Message-ID: <20180103071158.204eeb41@tomh> In-Reply-To: <20180103070444.GA6331@mail.hallyn.com> References: <20180102232133.GA39880@beast> <20180103070444.GA6331@mail.hallyn.com> X-Mailer: Claws Mail 3.15.1-dirty (GTK+ 2.24.31; x86_64-redhat-linux-gnu) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Return-Path: On Wed, 3 Jan 2018 01:04:44 -0600 Serge E. Hallyn wrote: > > This weakens dumpability back to checking only for uid/gid changes in > > current (which is useless), but userspace depends on dumpability not > > being tied to secureexec. > > > > https://bugzilla.redhat.com/show_bug.cgi?id=1528633 > > > > Reported-by: Tom Horsley > > Seems right, any chance we could get a tested-by: Tom? (Did we already > get that?) I didn't test it myself, but all I'd do is run the test program I've attached to the bugzilla above which is trivial compared to be learning how to patch and build kernels. So it would be much simpler for someone with the kernel already built to extract the tarball and type make :-).