lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <E1IYjoQ-0001kT-00@dorka.pomaz.szeredi.hu>
Date:	Fri, 21 Sep 2007 16:48:58 +0200
From:	Miklos Szeredi <miklos@...redi.hu>
To:	hch@...radead.org
CC:	miklos@...redi.hu, hch@...radead.org, akpm@...ux-foundation.org,
	linux-kernel@...r.kernel.org, linux-fsdevel@...r.kernel.org
Subject: Re: [patch 5/5] VFS: allow filesystem to override mknod capability checks

> On Fri, Sep 21, 2007 at 03:18:33PM +0200, Miklos Szeredi wrote:
> > > That's something that shouldn't be solved in the filesystem, but rather
> > > through exact semantics of unprivilegued mounts.  Given that an
> > > unprivilegued implies ignoring the device files we can easily allow
> > > users to create them, because they're nothing special anymore.
> > 
> > Exacly.  And we already have an API for that: mknod(2).  It would be
> > quite stupid to introduce _another_ API to do the same.  It would mean
> > that all the tools, like mknod(8) would not work with the new API.
> > 
> > Or am I misunderstanding your suggestion?
> 
> Yes :)
> 
> My suggestions is:
> 
>  - mknod for unprivilegued user is allowed in the following case
> 
>     (1) mount point is mounted with MNT_NODEV
>     (2) mount point is owner by the user doing mknod

Ah, OK.  Well, that's what fuse would do with the above change.  So
you are basically saying, the change is OK, but we want proper
unprivileged mounts first.

>  - and maybe
> 
>     (3) we have a special mount option to allow it if we don't want
>         to allow it for normal unprivilegued mounts for some reason

I'm sure we don't want it by default.

For example if user bind mounts / onto /home/user/myroot (with 'nodev'
of couse), we still don't want mknod to work on that mount, for
obvious reasons.

Miklos
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ