| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 18 Nov 2015 13:28:55 -0600 From: Seth Forshee <seth.forshee@...onical.com> To: Theodore Ts'o <tytso@....edu>, Al Viro <viro@...IV.linux.org.uk>, "Eric W. Biederman" <ebiederm@...ssion.com>, linux-bcache@...r.kernel.org, dm-devel@...hat.com, linux-raid@...r.kernel.org, linux-mtd@...ts.infradead.org, linux-fsdevel@...r.kernel.org, linux-security-module@...r.kernel.org, selinux@...ho.nsa.gov, Serge Hallyn <serge.hallyn@...onical.com>, Andy Lutomirski <luto@...capital.net>, linux-kernel@...r.kernel.org Subject: Re: [PATCH v3 0/7] User namespace mount updates On Wed, Nov 18, 2015 at 02:10:45PM -0500, Theodore Ts'o wrote: > On Tue, Nov 17, 2015 at 12:34:44PM -0600, Seth Forshee wrote: > > On Tue, Nov 17, 2015 at 05:55:06PM +0000, Al Viro wrote: > > > On Tue, Nov 17, 2015 at 11:25:51AM -0600, Seth Forshee wrote: > > > > > > > Shortly after that I plan to follow with support for ext4. I've been > > > > fuzzing ext4 for a while now and it has held up well, and I'm currently > > > > working on hand-crafted attacks. Ted has commented privately (to others, > > > > not to me personally) that he will fix bugs for such attacks, though I > > > > haven't seen any public comments to that effect. > > > > > > _Static_ attacks, or change-image-under-mounted-fs attacks? > > > > Right now only static attacks, change-image-under-mounted-fs attacks > > will be next. > > I will fix bugs about static attacks. That is, it's interesting to me > that a buggy file system (no matter how it is created), not cause the > kernel to crash --- and privilege escalation attacks tend to be > strongly related to those bugs where we're not doing strong enough > checking. > > Protecting against a malicious user which changes the image under the > file system is a whole other kettle of fish. I am not at all user you > can do this without completely sacrificing performance or making the > code impossible to maintain. So my comments do *not* extend to > protecting against a malicious user who is changing the block device > underneath the kernel. > > If you want to submit patches to make the kernel more robust against > these attacks, I'm certainly willing to look at the patches. But I'm > certainly not guaranteeing that they will go in, and I'm certainly not > promising to fix all vulnerabilities that you might find that are > caused by a malicious block device. Sorry, that's too much buying a > pig in a poke.... Thanks Ted. My plan right now is to explore the possibility of blocking writes to the backing store from userspace while it's mounted. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists