[linux-audio-dev] LSM: Linux 2.6 Kernel Capability LSM Module Local Privilege Elevation

Lee Revell rlrevell at joe-job.com
Wed Dec 29 09:21:49 UTC 2004


On Tue, 2004-12-28 at 23:36 -0800, Fernando Lopez-Lezcano wrote:
> Any kernel that wants to use the realtime-lsm
> will have to either not build the POSIX capabilities lsm, or build it as
> a module. In the latter case the system will be vulnerable. The
> realtime-lsm does not depend on the POSIX capabilities lsm but it forces
> you to build it as a module, exposing the vulnerability, which maybe I
> misunderstood as not being present if you build with the POSIX lsm into
> the kernel (as opposed to building it as a module).
> 
> I do understand that loading the realtime lsm only does not create a
> vulnerability (other than well-known possibilities of DoS attacks by
> mean linux audio users :-)

OK, that is a clearer explanation than mine ;-)

Anyway the kernel folks don't seem worried.

Lee



