[PATCH v2] proc: allow restricting /proc/pid/mem writes
Kees Cook
keescook at chromium.org
Tue Mar 5 10:12:26 UTC 2024
On Tue, Mar 05, 2024 at 10:58:25AM +0100, Christian Brauner wrote:
> Since the write handler for /proc/<pid>/mem does raise FOLL_FORCE
> unconditionally it likely would implicitly. But I'm not familiar enough
> with FOLL_FORCE to say for sure.
I should phrase the question better. :) Is the supervisor writing into
read-only regions of the child process?
--
Kees Cook
More information about the Linux-security-module-archive
mailing list