Return-Path: <linux-kernel-owner+w=401wt.eu-S965298AbXATQMK@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S965298AbXATQMK (ORCPT <rfc822;w@1wt.eu>);
	Sat, 20 Jan 2007 11:12:10 -0500
Received: (majordomo@vger.kernel.org) by vger.kernel.org id S965301AbXATQMK
	(ORCPT <rfc822;linux-kernel-outgoing>);
	Sat, 20 Jan 2007 11:12:10 -0500
Received: from 69-100-st.zelcom.ru ([80.92.100.69]:4404 "EHLO
	etherstorm.feelingofgreen.ru" rhost-flags-OK-FAIL-OK-OK)
	by vger.kernel.org with ESMTP id S965298AbXATQMI (ORCPT
	<rfc822;linux-kernel@vger.kernel.org>);
	Sat, 20 Jan 2007 11:12:08 -0500
Date: Sat, 20 Jan 2007 19:12:05 +0300
Message-ID: <87wt3hvfsa.wl@betelheise.deep.net>
From: Samium Gromoff <_deepfire@feelingofgreen.ru>
To: linux-kernel@vger.kernel.org
Subject: Re: [PATCH] Undo some of the pseudo-security madness
In-Reply-To: <87y7nxvk65.wl@betelheise.deep.net>
References: <87y7nxvk65.wl@betelheise.deep.net>
User-Agent: Wanderlust/2.15.5 (Almost Unreal) SEMI/1.14.6 (Maruoka)
 FLIM/1.14.8 (=?ISO-8859-4?Q?Shij=F2?=) APEL/10.6 Emacs/23.0.51
 (i486-pc-linux-gnu) MULE/5.0 (SAKAKI)
X-Face: "P-:w!.&Hdk.h~~pT`!Q%H6;/8Cce^m&%vIn"W-SXb4h88dCgwD\_}N5:\}lowY2gxg0u^wVO*L\$C@MvBDRTmh/=,468w{W{OTc$kfq5O9Y!`pd+N}SMHrN+Gs>jXe5}}EL`cRbc0^_0cZ-}M\b~55I;Qe$1uL8M`M`82<_%CQ(GwLk."M>zBLn:-u>n,$kjH`~Uo[pH`08#\G!GVMd`%7![m9]*w5PMts4@m>=;lX41Z90N
MIME-Version: 1.0 (generated by SEMI 1.14.6 - "Maruoka")
Content-Type: text/plain; charset=US-ASCII
Sender: linux-kernel-owner@vger.kernel.org
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Length: 966
Lines: 25

At Sat, 20 Jan 2007 17:37:22 +0300,
Samium Gromoff wrote:
[snip]
> So, here we have a buffer-overflow protection technique, which does not
> actually protect against buffer overflows[1], breaking valid applications.
> 
> I suggest getting rid of it.

i botched it slightly:

--- linux/include/linux/personality.h		2007-01-20 17:31:01.000000000 +0300
+++ linux-sane/include/linux/personality.h	2007-01-20 17:32:50.000000000 +0300
@@ -40,7 +40,7 @@
  * Security-relevant compatibility flags that must be
  * cleared upon setuid or setgid exec:
  */
-#define PER_CLEAR_ON_SETID (READ_IMPLIES_EXEC|ADDR_NO_RANDOMIZE)
+#define PER_CLEAR_ON_SETID (READ_IMPLIES_EXEC)

Signed-off-by: Samium Gromoff <_deepfire@feelinfofgreen.ru>
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/