| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 18 Jul 2016 08:47:02 +0200
From: "Michael Kerrisk (man-pages)" <mtk.manpages@...il.com>
To: lkml <linux-kernel@...r.kernel.org>
Cc: mtk.manpages@...il.com
Subject: man-pages-4.07 is released
Gidday,
The Linux man-pages maintainer proudly announces:
man-pages-4.07 - man pages for Linux
This release includes input and contributions from
around 50 people. Over 140 pages saw changes, ranging
from typo fixes through to page rewrites and 4 newly
created pages.
Tarball download:
http://www.kernel.org/doc/man-pages/download.html
Git repository:
https://git.kernel.org/cgit/docs/man-pages/man-pages.git/
Online changelog:
http://man7.org/linux/man-pages/changelog.html#release_4.07
A short summary of the release is blogged at:
http://linux-man-pages.blogspot.com/2016/07/man-pages-407-is-released.html
The current version of the pages is browsable at:
http://man7.org/linux/man-pages/
A selection of changes in this release that may be of interest
to readers on LKML is shown below.
Cheers,
Michael
==================== Changes in man-pages-4.07 ====================
Released: 2016-07-17, Ulm
New and rewritten pages
-----------------------
ioctl_fideduperange.2
Darrick J. Wong [Christoph Hellwig, Michael Kerrisk]
New page documenting the FIDEDUPERANGE ioctl
Document the FIDEDUPERANGE ioctl, formerly known as
BTRFS_IOC_EXTENT_SAME.
ioctl_ficlonerange.2
Darrick J. Wong [Christoph Hellwig, Michael Kerrisk]
New page documenting FICLONE and FICLONERANGE ioctls
Document the FICLONE and FICLONERANGE ioctls, formerly known as
the BTRFS_IOC_CLONE and BTRFS_IOC_CLONE_RANGE ioctls.
mount_namespaces.7
Michael Kerrisk [Michael Kerrisk]
New page describing mount namespaces
Newly documented interfaces in existing pages
---------------------------------------------
mount.2
Michael Kerrisk
Document flags used to set propagation type
Document MS_SHARED, MS_PRIVATE, MS_SLAVE, and MS_UNBINDABLE.
Michael Kerrisk
Document the MS_REC flag
ptrace.2
Michael Kerrisk [Kees Cook, Jann Horn, Eric W. Biederman, Stephen Smalley]
Document ptrace access modes
proc.5
Michael Kerrisk
Document /proc/[pid]/timerslack_ns
Michael Kerrisk
Document /proc/PID/status 'Ngid' field
Michael Kerrisk
Document /proc/PID/status fields: 'NStgid', 'NSpid', 'NSpgid', 'NSsid'
Michael Kerrisk
Document /proc/PID/status 'Umask' field
Changes to individual pages
---------------------------
ldd.1
Michael Kerrisk
Add a little more detail on why ldd is unsafe with untrusted executables
futex.2
Michael Kerrisk
Correct an ENOSYS error description
Since Linux 4.5, FUTEX_CLOCK_REALTIME is allowed with FUTEX_WAIT.
Michael Kerrisk [Darren Hart]
Remove crufty text about FUTEX_WAIT_BITSET interpretation of timeout
Since Linux 4.5, FUTEX_WAIT also understands
FUTEX_CLOCK_REALTIME.
Michael Kerrisk [Thomas Gleixner]
Explain how to get equivalent of FUTEX_WAIT with an absolute timeout
Michael Kerrisk
Describe FUTEX_BITSET_MATCH_ANY
Describe FUTEX_BITSET_MATCH_ANY and FUTEX_WAIT and FUTEX_WAKE
equivalences.
Michael Kerrisk [Thomas Gleixner, Darren Hart]
Fix descriptions of various timeouts
Michael Kerrisk
Clarify clock default and choices for FUTEX_WAIT
kcmp.2
Michael Kerrisk
kcmp() is governed by PTRACE_MODE_READ_REALCREDS
mount.2
Michael Kerrisk
Restructure discussion of 'mountflags' into functional groups
The existing text makes no differentiation between different
"classes" of mount flags. However, certain flags such as
MS_REMOUNT, MS_BIND, MS_MOVE, etc. determine the general
type of operation that mount() performs. Furthermore, the
choice of which class of operation to perform is performed in
a certain order, and that order is significant if multiple
flags are specified. Restructure and extend the text to
reflect these details.
Michael Kerrisk
Since Linux 2.6.26, bind mounts can be made read-only
process_vm_readv.2
Michael Kerrisk
Rephrase permission rules in terms of a ptrace access mode check
ptrace.2
Michael Kerrisk [Jann Horn]
Update Yama ptrace_scope documentation
Reframe the discussion in terms of PTRACE_MODE_ATTACH checks,
and make a few other minor tweaks and additions.
Michael Kerrisk, Jann Horn
Note that user namespaces can be used to bypass Yama protections
Michael Kerrisk
Note that PTRACE_SEIZE is subject to a ptrace access mode check
Michael Kerrisk
Rephrase PTRACE_ATTACH permissions in terms of ptrace access mode check
wait.2
Michael Kerrisk
Since Linux 4.7, __WALL is implied if child being ptraced
Michael Kerrisk
waitid() now (since Linux 4.7) also supports __WNOTHREAD/__WCLONE/__WALL
proc.5
Michael Kerrisk
/proc/PID/fd/* are governed by PTRACE_MODE_READ_FSCREDS
Permission to dereference/readlink /proc/PID/fd/* symlinks is
governed by a PTRACE_MODE_READ_FSCREDS ptrace access mode check.
Michael Kerrisk
/proc/PID/timerslack_ns is governed by PTRACE_MODE_ATTACH_FSCREDS
Permission to access /proc/PID/timerslack_ns is governed by
a PTRACE_MODE_ATTACH_FSCREDS ptrace access mode check.
Michael Kerrisk
Document /proc/PID/{maps,mem,pagemap} access mode checks
Permission to access /proc/PID/{maps,pagemap} is governed by a
PTRACE_MODE_READ_FSCREDS ptrace access mode check.
Permission to access /proc/PID/mem is governed by a
PTRACE_MODE_ATTACH_FSCREDS ptrace access mode check.
Michael Kerrisk
Note /proc/PID/stat fields that are governed by PTRACE_MODE_READ_FSCREDS
Michael Kerrisk
/proc/PID/{cwd,exe,root} are governed by PTRACE_MODE_READ_FSCREDS
Permission to dereference/readlink /proc/PID/{cwd,exe,root} is
governed by a PTRACE_MODE_READ_FSCREDS ptrace access mode check.
Michael Kerrisk
/proc/PID/io is governed by PTRACE_MODE_READ_FSCREDS
Permission to access /proc/PID/io is governed by
a PTRACE_MODE_READ_FSCREDS ptrace access mode check.
Michael Kerrisk
/proc/PID/{personality,stack,syscall} are governed by PTRACE_MODE_ATTACH_FSCREDS
Permission to access /proc/PID/{personality,stack,syscall} is
governed by a PTRACE_MODE_ATTACH_FSCREDS ptrace access mode check.
Michael Kerrisk
/proc/PID/{auxv,environ,wchan} are governed by PTRACE_MODE_READ_FSCREDS
Permission to access /proc/PID/{auxv,environ,wchan} is governed by
a PTRACE_MODE_READ_FSCREDS ptrace access mode check.
Michael Kerrisk
Move shared subtree /proc/PID/mountinfo fields to mount_namespaces(7)
Move information on shared subtree fields in /proc/PID/mountinfo
to mount_namespaces(7).
Michael Kerrisk ["Yuming Ma(马玉明)"]
Note that /proc/net is now virtualized per network namespace
namespaces.7
Michael Kerrisk
/proc/PID/ns/* are governed by PTRACE_MODE_READ_FSCREDS
Permission to dereference/readlink /proc/PID/ns/* symlinks is
governed by a PTRACE_MODE_READ_FSCREDS ptrace access mode check.
Michael Kerrisk
Nowadays, file changes in /proc/PID/mounts are notified differently
Exceptional condition for select(), (E)POLLPRI for (e)poll
netlink.7
Andrey Vagin
Describe netlink socket options
unix.7
Michael Kerrisk
Move discussion on pathname socket permissions to DESCRIPTION
Michael Kerrisk
Expand discussion of socket permissions
Michael Kerrisk
Fix statement about permissions needed to connect to a UNIX doain socket
Read permission is not required (verified by experiment).
Michael Kerrisk
Clarify ownership and permissions assigned during socket creation
Michael Kerrisk [Carsten Grohmann]
Update text on socket permissions on other systems
At least some of the modern BSDs seem to check for write
permission on a socket. (I tested OpenBSD 5.9.) On Solaris 10,
some light testing suggested that write permission is still
not checked on that system.
Michael Kerrisk
Note that umask / permissions have no effect for abstract sockets
Michael Kerrisk
Note that abstract sockets automatically disappear when FDs are closed
user_namespaces.7
Michael Kerrisk [Michał Zegan]
Clarify meaning of privilege in a user namespace
Having privilege in a user NS only allows privileged
operations on resources governed by that user NS. Many
privileged operations relate to resources that have no
association with any namespace type, and only processes
with privilege in the initial user NS can perform those
operations.
See https://bugzilla.kernel.org/show_bug.cgi?id=120671
Michael Kerrisk [Michał Zegan]
List the mount operations permitted by CAP_SYS_ADMIN
List the mount operations permitted by CAP_SYS_ADMIN in a
noninitial userns.
See https://bugzilla.kernel.org/show_bug.cgi?id=120671
Michael Kerrisk
Clarify details of CAP_SYS_ADMIN and cgroup v1 mounts
With respect to cgroups version 1, CAP_SYS_ADMIN in the user
namespace allows only *named* hierarchies to be mounted (and
not hierarchies that have a controller).
Michael Kerrisk
Clarify CAP_SYS_ADMIN details for mounting FS_USERNS_MOUNT filesystems
Michael Kerrisk
Correct user namespace rules for mounting /proc
Michael Kerrisk
Describe a concrete example of capability checking
Add a concrete example of how the kernel checks capabilities in
an associated user namespace when a process attempts a privileged
operation.
--
Michael Kerrisk
Linux man-pages maintainer; http://www.kernel.org/doc/man-pages/
Linux/UNIX System Programming Training: http://man7.org/training/
Powered by blists - more mailing lists