lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Tue, 17 Nov 2015 13:21:41 -0600
From:	Seth Forshee <seth.forshee@...onical.com>
To:	Richard Weinberger <richard.weinberger@...il.com>
Cc:	Al Viro <viro@...iv.linux.org.uk>,
	"Eric W. Biederman" <ebiederm@...ssion.com>,
	linux-bcache@...r.kernel.org,
	device-mapper development <dm-devel@...hat.com>,
	"linux-raid@...r.kernel.org" <linux-raid@...r.kernel.org>,
	"linux-mtd@...ts.infradead.org" <linux-mtd@...ts.infradead.org>,
	linux-fsdevel <linux-fsdevel@...r.kernel.org>,
	LSM <linux-security-module@...r.kernel.org>,
	selinux@...ho.nsa.gov, Serge Hallyn <serge.hallyn@...onical.com>,
	Andy Lutomirski <luto@...capital.net>,
	LKML <linux-kernel@...r.kernel.org>,
	Theodore Ts'o <tytso@....edu>,
	Octavian Purdila <octavian.purdila@...el.com>
Subject: Re: [PATCH v3 0/7] User namespace mount updates

On Tue, Nov 17, 2015 at 08:12:31PM +0100, Richard Weinberger wrote:
> On Tue, Nov 17, 2015 at 7:34 PM, Seth Forshee
> <seth.forshee@...onical.com> wrote:
> > On Tue, Nov 17, 2015 at 05:55:06PM +0000, Al Viro wrote:
> >> On Tue, Nov 17, 2015 at 11:25:51AM -0600, Seth Forshee wrote:
> >>
> >> > Shortly after that I plan to follow with support for ext4. I've been
> >> > fuzzing ext4 for a while now and it has held up well, and I'm currently
> >> > working on hand-crafted attacks. Ted has commented privately (to others,
> >> > not to me personally) that he will fix bugs for such attacks, though I
> >> > haven't seen any public comments to that effect.
> >>
> >> _Static_ attacks, or change-image-under-mounted-fs attacks?
> >
> > Right now only static attacks, change-image-under-mounted-fs attacks
> > will be next.
> 
> Do we *really* need to enable unprivileged mounting of kernel filesystems?
> What about just enabling fuse and implement ext4 and friends as fuse
> filesystems?
> Using the approaching Linux Kernel Libary[1] this is easy.

I haven't looked at this project, but I'm guessing that programs must be
written specifically to make use of it? I.e. you can't just use the
mount syscall, and thus all existing software still doesn't work?

> [1] https://lkml.org/lkml/2015/11/3/706
> -- 
> Thanks,
> //richard
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ