lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 23 Aug 2017 23:15:37 +0200
From:   Christian Brauner <christian.brauner@...onical.com>
To:     "Eric W. Biederman" <ebiederm@...ssion.com>
Cc:     Linus Torvalds <torvalds@...ux-foundation.org>,
        Christian Brauner <christian.brauner@...ntu.com>,
        Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
        "Serge E. Hallyn" <serge@...lyn.com>,
        Al Viro <viro@...iv.linux.org.uk>
Subject: Re: [PATCH 0/1] devpts: use dynamic_dname() to generate proc name

On Wed, Aug 23, 2017 at 10:31:53AM -0500, Eric W. Biederman wrote:
> Christian Brauner <christian.brauner@...onical.com> writes:
> 
> > On Wed, Aug 16, 2017 at 11:45 PM, Linus Torvalds
> > <torvalds@...ux-foundation.org> wrote:
> >> On Wed, Aug 16, 2017 at 2:37 PM, Christian Brauner
> >> <christian.brauner@...onical.com> wrote:
> >>>> And Christian, if you can beat on this, that would be good.
> >>>
> >>> Yes, I can pound on this nicely with liblxc. We have patch
> >>> ( https://github.com/lxc/lxc/pull/1728 ) up for review that
> >>> allocates pty fds from private devpts mounts in different namespaces
> >>> and sends those fds around between different namespaces.
> >>
> >> Good. Testing that this works with different pts filesystems in
> >> different places is exactly the kind of thing I'd like to see. I only
> >> tested with my single pts filesystem that is mounted at /dev/pts, and
> >> making sure it works when there are multiple mounts and in different
> >> places is exactly the kind of testing this should get.
> >
> > I'm compiling a kernel now and depending on how good the in-flight
> > wifi is I try to test this right away and answer here if that helps. If the
> > in-flight wifi sucks it might take me until tomorrow.
> 
> Linus has merged the fix but have you been able to test and verify all
> is well from your side?

Hi Eric,

Sorry for the late reply! So I've tested the patch and it does what I expect it
to do, i.e. it places the correct path as the content of /proc/<pid>/fd/<n>.
However, if I'm correct not in all cases. But I need to confirm this first and I
didn't want to start pointless discussions before having something reliable.
Thanks!

The reason for the late reply is that I was investigating some other "weirdness"
related to this patch which also - I believe - touches on the bind-mount
escaping you mentioned in your previous mail. It relates to an idea I had in
mind for a while now but never thought through sufficiently. I hope to find some
time on the weekend to think about this more clearly. I had hoped to bundle this
up with my testing but didn't get around to it.

Christian

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ