|
|
Log in / Subscribe / Register

Local root vulnerability in snap-confine

Local root vulnerability in snap-confine

Posted Feb 20, 2022 23:42 UTC (Sun) by judas_iscariote (guest, #47386)
In reply to: Local root vulnerability in snap-confine by intgr
Parent article: Local root vulnerability in snap-confine

> proper serialization formats when communicating complex data structures to between kernel and userland, instead of this stringly typed complex to parse hodgepodge that > is "mountinfo".

What is actually wanted is system calls, that return unambigous, well defined data.. same on all archictectures or kernel config options.. no new proc files to parse or to write to...

to post comments

Local root vulnerability in snap-confine

Posted Feb 21, 2022 16:37 UTC (Mon) by nybble41 (subscriber, #55106) [Link]

> What is actually wanted is system calls, that return unambigous, well defined data..

We have the system calls (open, read, write). What is missing is the "unambiguous, well-defined data". Given an appropriate serialization format there is nothing wrong with communicating the data through /proc. I see no need to restrict access to languages with support for making special-purpose system calls.


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds