User: Password:
|
|
Subscribe / Log in / New account

Spengler: False Boundaries and Arbitrary Code Execution

Spengler: False Boundaries and Arbitrary Code Execution

Posted Jan 6, 2011 9:33 UTC (Thu) by adisaacs (guest, #53996)
In reply to: Spengler: False Boundaries and Arbitrary Code Execution by mheily
Parent article: Spengler: False Boundaries and Arbitrary Code Execution

Hardly FUD, it's a useful contribution to the discussion around capabilities and where we need to look to make Linux more secure. I'm grateful to Brad for writing his post, he has thought really deeply about these issues and has a ton of useful advice to give.

(Sure, I wish Brad would post patches upstream rather than letting bugfixes and practial prophylaxes languish in grsecurity, but if I were him and got people badmouthing me with "FUD" every time I write a forum post, I'd probably be cranky too.)


(Log in to post comments)

Spengler: False Boundaries and Arbitrary Code Execution

Posted Jan 6, 2011 14:36 UTC (Thu) by nix (subscriber, #2304) [Link]

Indeed so. This sort of analysis is tedious, boring, and error-prone, so it's good that Brad both did it and solicited comments so he could fix any problems later. Everyone knows that the set of capabilities is irregular and more than slightly badly thought out, but no detailed data was available before now. Figuring out just *what* is wrong with them is the first step to fixing them (hopefully before too many people come to rely on the current set).


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds