lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Mon, 21 Jan 2008 22:25:40 +0100
From:	Miklos Szeredi <miklos@...redi.hu>
To:	linuxram@...ibm.com
CC:	miklos@...redi.hu, akpm@...ux-foundation.org,
	linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org,
	util-linux-ng@...r.kernel.org, viro@....linux.org.uk,
	hch@...radead.org, a.p.zijlstra@...llo.nl
Subject: Re: [RFC][PATCH] VFS: create /proc/<pid>/mountinfo

> 	You have removed the code that checked if the peer or
> 	master mount was in the same namespace before reporting their
> 	corresponding mount-ids. One downside of that approach is the
> 	user will see an mount_id in the output with no corresponding
> 	line to explain the details of the mount_id.  

Before the change, the peer and master ID's were basically randomly
chosen from the peers, which means, it wasn't possible to always
determine, that two mounts were peers, or that they were slaves to the
same peer group.

After the change, this is possible, since the peer ID will be the same
for all mounts which are peers.  This means, that even though the peer
ID might be in a different namespace, it is possible to determine all
peers within the same namespace by comparing their peer ID's.

> 
> 	And reporting the mount-id of a mount is some other namespace
> 	could subtly mean information-leak?

I don't think the mount ID itself can be sensitive, it really doesn't
contain any information, other than being an identifier.

> 	One other comment I had received offline from Steve French was
> 	that the patch did not consider the following case:
> 
> 	"Have you thought about whether this could handle the case in which cifs mounts with 
> 	a relative path e.g. currently
>          	mount -t cifs //server/share /mnt
> 
> 	can not be distinguished from
>         	mount -t cifs //server/share/subdirectory /mnt
> 
> 	when you run the mount command (ie the cifs "prefixpath" in this case 
> 	"/subdirectory" is not displayed)"

Why cifs not displaying '//server/share/subdirectory' as the source of
the mount?

Miklos
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ