[kernel-hardening] Re: [PATCH v7 2/2] security: tty: make TIOCSTI ioctl require CAP_SYS_ADMIN
From: Daniel Micay <hidden>
Date: 2017-05-30 23:40:37
Also in:
lkml
On Tue, 2017-05-30 at 19:00 -0400, Matt Brown wrote:
On 5/30/17 4:22 PM, Daniel Micay wrote:quoted
quoted
Thanks, I didn't know that android was doing this. I still think this feature is worthwhile for people to be able to harden their systems against this attack vector without having to implement a MAC.Since there's a capable LSM hook for ioctl already, it means it could go in Yama with ptrace_scope but core kernel code would still need to be changed to track the owning tty. I think Yama vs. core kernel shouldn't matter much anymore due to stackable LSMs.What does everyone think about a v8 that moves this feature under Yama and uses the file_ioctl LSM hook?
It would only make a difference if it could be fully contained there, as in not depending on tracking the tty owner. -- To unsubscribe from this list: send the line "unsubscribe linux-security-module" in the body of a message to majordomo at vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html