Not logged in
Log in now
Create an account
Subscribe to LWN
An unexpected perf feature
LWN.net Weekly Edition for May 16, 2013
A look at the PyPy 2.0 release
PostgreSQL 9.3 beta: Federated databases and more
LWN.net Weekly Edition for May 9, 2013
One might argue that we've become 12% slower, but > 12% more secure.
How much checking do you need to do?
Posted Oct 5, 2009 10:43 UTC (Mon) by alex (subscriber, #1355)
For example once you have validated a process can read a given file descriptor do you need to re-run the whole capability checking logic for every sys_read()?
Of course any such caching probably introduces another attack vector so care would have to be taken with the implementation?
*ideal being a target even if you may never actually reach that goal.
Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds