
Re: severity for bugs in ignoring TMP/TMPDIR?
On Mon, 2012-02-13 at 22:07 +0800, Paul Wise wrote:
> On Mon, Feb 13, 2012 at 8:57 PM, Marco d'Itri wrote:
> > On Feb 13, Ian Jackson wrote:
> >
> >> The rule would be that if:
> >>   * A file is being opened in a sticky directory
> >>   * The file is going to be created by this operation
> >>   * O_EXCL was not specified
> >> then the syscall fails with EPERM.
> > This should be easy to implement as an LSM.
> 
> Kees Cook implemented protections against symlink attacks in Yama (an LSM):
> 
> https://lwn.net/Articles/393012/
> 
> Of course LSMs don't yet stack so it cannot be combined with SELinux etc.

YAMA just does ptrace restriction at the moment.  Symlink restrictions
will be done in the security core.

Ben.

-- 
Ben Hutchings
Beware of programmers who carry screwdrivers. - Leonard Brandwein
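The rule quoted above (sticky directory, file about to be created, no O_EXCL, hence EPERM) modelled in user space beside the O_CREAT|O_EXCL create it would force callers to use, as an added example that is not from the thread, from Yama or from the kernel. The function names, the constructed mode-1777 directory under $TMPDIR and the pre-placed dangling symlink are assumptions made for the demonstration.

```c
/* Added example, not code from the thread: a user-space model of the rule Ian
 * Jackson proposes, beside the O_EXCL-based create that the rule would enforce. */
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <libgen.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* 1 if the proposed rule would turn open(path, flags) into EPERM: parent dir is
 * sticky, the call would create a file, O_EXCL absent. 0 if allowed, -1 on error. */
int sticky_rule_rejects(const char *path, int flags) {
    char buf[4096]; struct stat st;
    if (snprintf(buf, sizeof buf, "%s", path) >= (int)sizeof buf) return -1;
    if (lstat(dirname(buf), &st) != 0 || !S_ISDIR(st.st_mode)) return -1;
    if (!(st.st_mode & S_ISVTX) || !(flags & O_CREAT)) return 0;
    if (stat(path, &st) == 0) return 0;   /* follows symlinks: dangling link => would create */
    return errno != ENOENT ? -1 : (flags & O_EXCL) ? 0 : 1;
}

/* The safe pattern: O_CREAT|O_EXCL fails with EEXIST on any pre-placed name,
 * symlink included, instead of following it; mode 0600 keeps the file private. */
int create_private_file(const char *path) {
    return open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW | O_CLOEXEC, 0600);
}

/* Self-check in a constructed mode-1777 directory under $TMPDIR (or /tmp).
 * Returns the number of expectations that failed; 0 means every one held. */
int sticky_rule_selfcheck(void) {
    char dir[4096], path[4200], link[4200]; int failed = 0, fd;
    const char *tmp = getenv("TMPDIR");
    snprintf(dir, sizeof dir, "%s/stickydemo.XXXXXX", tmp && *tmp ? tmp : "/tmp");
    if (!mkdtemp(dir) || chmod(dir, 01777) != 0) return 99;
    snprintf(path, sizeof path, "%s/victim", dir);
    snprintf(link, sizeof link, "%s/trap", dir);
    failed += sticky_rule_rejects(path, O_WRONLY | O_CREAT) != 1;          /* rule: EPERM */
    failed += sticky_rule_rejects(path, O_WRONLY | O_CREAT | O_EXCL) != 0; /* allowed */
    if (symlink("/nonexistent/target", link) != 0) return 98;              /* pre-placed link */
    failed += sticky_rule_rejects(link, O_WRONLY | O_CREAT) != 1;          /* would follow it */
    failed += (fd = create_private_file(link)) >= 0;                       /* refused, not followed */
    failed += (fd = create_private_file(path)) < 0;                        /* genuinely new: ok */
    if (fd >= 0) close(fd);
    failed += sticky_rule_rejects(path, O_WRONLY | O_CREAT) != 0;          /* exists: no creation */
    unlink(path); unlink(link); rmdir(dir);
    return failed;
}
```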
