Re: stack protection

To: "Milan P. Stanic" <mps@rns-nis.co.yu>, Debian Devel <debian-devel@lists.debian.org>
Subject: Re: stack protection
From: Russell Coker <russell@coker.com.au>
Date: Sat, 23 Aug 2003 15:13:25 +1000
Message-id: <[🔎] 200308231513.25673.russell@coker.com.au>
Reply-to: russell@coker.com.au
In-reply-to: <[🔎] 20030822210220.GA3944@rns-nis.co.yu>
References: <[🔎] 200308211257.06176.russell@coker.com.au> <[🔎] Pine.LNX.4.10.10308210923550.15413-100000@linux.localnet.loc> <[🔎] 20030822210220.GA3944@rns-nis.co.yu>

On Sat, 23 Aug 2003 07:02, Milan P. Stanic wrote:
> On Thu, Aug 21, 2003 at 09:39:53AM +0200, Xavier Roche wrote:
> > Note that some options are sometimes incompatible with some packages:
> > restrictions on kmem ('Deny writing to /dev/kmem, /dev/mem, and
> > /dev/port') prevent lm_sensors from working properly with my server. But
>
> "cat /dev/zero > /dev/mem" is a feature and not a bug, but today
> more and more people disagree.

Allowing the system administrator to write to /dev/mem as part of debugging 
the kernel is a feature.

Allowing the dhcp server to write to /dev/mem because it's UID 0 and Unix 
security sucks is a bug.

-- 
http://www.coker.com.au/selinux/   My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/  Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/    Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/  My home page

Reply to:

Follow-Ups:
- Re: stack protection
  - From: "Milan P. Stanic" <mps@rns-nis.co.yu>

References:
- stack protection
  - From: Russell Coker <russell@coker.com.au>
- Re: stack protection
  - From: Xavier Roche <roche@httrack.com>
- Re: stack protection
  - From: "Milan P. Stanic" <mps@rns-nis.co.yu>

Prev by Date: /etc/shells management
Next by Date: Re: Thank you!
Previous by thread: Re: stack protection
Next by thread: Re: stack protection
Index(es):
- Date
- Thread