This is the mail archive of the systemtap@sourceware.org mailing list for the systemtap project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: Proposal for PR 13128

From: "Frank Ch. Eigler" <fche at redhat dot com>
To: Josh Stone <jistone at redhat dot com>
Cc: Dave Brolley <brolley at redhat dot com>, systemtap at sourceware dot org
Date: Tue, 27 Sep 2011 15:20:15 -0400
Subject: Re: Proposal for PR 13128
References: <4E81F7C1.2070708@redhat.com> <y0mty7xsu5p.fsf@fche.csb> <4E822113.9010200@redhat.com>

Hi -

On Tue, Sep 27, 2011 at 12:16:35PM -0700, Josh Stone wrote:
> [...]
> > Actually, it doesn't.  Since it's signed, staprun can trust the module
> > to do the verification itself.  It could just pass bit-flags as to the
> > invoking user's stapdev|stapkern|stapusr group memberships, and let
> > the module itself assess eligibility to run.
> 
> We require new code either way -- parsing section contents vs. creating
> a new control message to the module.  I feel it's more prudent to do as
> much as possible before init_module is ever called.

Right, on the other hand, creation of the extra elf data, and its
signature-related processing, is extra work and a possible source of
fragility with this approach.  Prudence is not clear-cut.

- FChE

Follow-Ups:
- Re: Proposal for PR 13128
  - From: Josh Stone

References:
- Proposal for PR 13128
  - From: Dave Brolley
- Re: Proposal for PR 13128
  - From: Frank Ch. Eigler
- Re: Proposal for PR 13128
  - From: Josh Stone

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]