Re: [PATCH 2/4] Allow the process owner to perform all privileged operat

bug-hurd

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH 2/4] Allow the process owner to perform all privileged operat

From:	Sergey Bugaev
Subject:	Re: [PATCH 2/4] Allow the process owner to perform all privileged operations
Date:	Mon, 26 Jun 2023 11:42:54 +0300

On Mon, Jun 26, 2023 at 2:11 AM Sergey Bugaev <bugaevc@gmail.com> wrote:
> The user already has full access to our task, and the same kind of
> access to the file system image (if any) as our task does, we're not
> buying any additional security by disallowing them access.

This is not necessarily true considering multi-UID. We'd need to check
that the user has *all* of the UIDs that our task has.

This is why you don't commit at 2 AM :D

Sergey

[Prev in Thread]

Current Thread

[Next in Thread]

[PATCH 1/4] libdiskfs: Don't warn if requesting shutdown notification fails with EPERM, Sergey Bugaev, 2023/06/25
- [PATCH 3/4] exec: On 64-bit, map lower 4 GB inaccessible for PIEs, Sergey Bugaev, 2023/06/25
- [PATCH 4/4] exec: Properly preallocate address space, Sergey Bugaev, 2023/06/25
- [PATCH 2/4] Allow the process owner to perform all privileged operations, Sergey Bugaev, 2023/06/25
  - Re: [PATCH 2/4] Allow the process owner to perform all privileged operations, Sergey Bugaev <=

Prev by Date: Re: [PATCH hurd] rumpdisk: Include complete USB stack to enable mass storage driver
Next by Date: [RFC PATCH 0/7] Forward merging entries and other VM shenanigans
Previous by thread: [PATCH 2/4] Allow the process owner to perform all privileged operations
Next by thread: [PATCH 1/5] htl: Let Mach place thread stacks
Index(es):
- Date
- Thread