"Lack of enforcement" and "exploitable" should be easier to tell apart
geofft
·
2026-05-01
·
via LWN.net comments
Leaving aside, of course, the "I know it when I see it" method, I think this is distinguishable: the functionality that TCMalloc is relying on does not violate any intended security properties of the kernel. TCMalloc isn't gaining access to info that it shouldn't be able to, and it's clear that some other mechanism for what they want would be fine and mergeable—the dispute is just whether this particular ABI should expose the functionality. If rseq had never worked this way, a request to add some kind of API would have been considered; a request to add an explicitly local-root API would not be considered. Similarly, the change in behavior wasn't because the old behavior was buggy and they wanted to fix it, but because there was a performance boost from taking a different approach, and that happened to cause different user-visible behavior as a side effect.
此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。