Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S261311AbVCOPGS (ORCPT ); Tue, 15 Mar 2005 10:06:18 -0500 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S261315AbVCOPGS (ORCPT ); Tue, 15 Mar 2005 10:06:18 -0500 Received: from mx2.elte.hu ([157.181.151.9]:56808 "EHLO mx2.elte.hu") by vger.kernel.org with ESMTP id S261311AbVCOPGQ (ORCPT ); Tue, 15 Mar 2005 10:06:16 -0500 Date: Tue, 15 Mar 2005 16:05:26 +0100 From: Ingo Molnar To: Andrea Arcangeli Cc: Andrew Morton , Adrian Bunk , linux-kernel@vger.kernel.org, Linus Torvalds Subject: Re: [-mm patch] seccomp: don't say it was more or less mandatory Message-ID: <20050315150526.GA14744@elte.hu> References: <20050224224134.GE20715@opteron.random> <20050225211453.GC3311@stusta.de> <20050226013137.GO20715@opteron.random> <20050301003247.GY4021@stusta.de> <20050301004449.GV8880@opteron.random> <20050303145147.GX4608@stusta.de> <20050303135556.5fae2317.akpm@osdl.org> <20050315100903.GA32198@elte.hu> <20050315112712.GA3497@elte.hu> <20050315130046.GK7699@opteron.random> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20050315130046.GK7699@opteron.random> User-Agent: Mutt/1.4.1i X-ELTE-SpamVersion: MailScanner 4.31.6-itk1 (ELTE 1.2) SpamAssassin 2.63 ClamAV 0.73 X-ELTE-VirusStatus: clean X-ELTE-SpamCheck: no X-ELTE-SpamCheck-Details: score=-4.9, required 5.9, autolearn=not spam, BAYES_00 -4.90 X-ELTE-SpamLevel: X-ELTE-SpamScore: -4 Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 980 Lines: 24 * Andrea Arcangeli wrote: > > which quite likely wont be provable in the foreseeable future). > > Please mention a _single_ bug that could allow you to escape the > seccomp jail in linux since 2.4.0 on x86 and x86-64 (and with escape I > don't mean sniffing data with mmx not being backwards compatible, or > f00f DoS, I mean executing code into the host as user nobody). I'm not > aware of a _single_ seccomp bug that could allow you to escape the > seccomp jail since 2.4.0 and probably much earlier. ugh? Where do i claim any such thing? while we are at it, please mention a single ptrace bug in the same timeframe that could allow a bytecode 'client' to escape a ptrace TRACE_SYSCALL jail at will. Ingo - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/