lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <452F9602.1050906@gentoo.org>
Date:	Fri, 13 Oct 2006 09:34:58 -0400
From:	Daniel Drake <dsd@...too.org>
To:	Sam Ravnborg <sam@...nborg.org>
CC:	Michael Rasenberger <miraze@....de>, akpm@...l.org,
	linux-kernel@...r.kernel.org
Subject: Re: 2.6.18-mm1 violates sandbox feature on linux distribution

Sam Ravnborg wrote:
> Can you point to to some description of this sandbox feature.
> The error you point out looks pretty generic and should happen
> in several places - so I need to understand what problem I shall
> fix before trying to fix it.

It's basically a runtime linker hack (LD_PRELOAD?) which limits a 
processes access to files to a certain portion of the filesystem. In 
Gentoo's package compilation system, the compile processes are limited 
in that they can only write to /var/tmp/portage/<packagename>

Writes onto other parts of the filesystem will cause the whole process 
to bail out. Reads are OK. Compilation happens in 
/var/tmp/portage/<packagename>/work and then installation happens in 
/var/tmp/portage/<packagename>/image. When that is done, the package 
manager moves the contents of image onto the real system (with sandbox 
obviously disabled at this point).

> The point is that we have other places where we create temporary files
> so this should not be the only issue.

It should be noted that this issue is only related to compiling external 
modules through kbuild. Actual kernel compilation is not done in the 
sandbox.

If these other places have been introduced in 2.6.19 then yes there may 
be other issues. However, this sandboxed module compilation system has 
been working flawlessly for a long time now, so either those other 
places don't matter or those build-paths simply don't happen in the 
common cases.

This is a bigger problem for us now that this change has gone into 
Linus' tree. Would you accept a patch to make this output to /dev/null 
like many of the other toolchain checks do?

Thanks,
Daniel

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ