| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <1200952394.2988.70.camel@ram.us.ibm.com> Date: Mon, 21 Jan 2008 13:53:13 -0800 From: Ram Pai <linuxram@...ibm.com> To: Miklos Szeredi <miklos@...redi.hu> Cc: akpm@...ux-foundation.org, linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org, util-linux-ng@...r.kernel.org, viro@....linux.org.uk, hch@...radead.org, a.p.zijlstra@...llo.nl Subject: Re: [RFC][PATCH] VFS: create /proc/<pid>/mountinfo On Mon, 2008-01-21 at 22:25 +0100, Miklos Szeredi wrote: > > You have removed the code that checked if the peer or > > master mount was in the same namespace before reporting their > > corresponding mount-ids. One downside of that approach is the > > user will see an mount_id in the output with no corresponding > > line to explain the details of the mount_id. > > Before the change, the peer and master ID's were basically randomly > chosen from the peers, which means, it wasn't possible to always > determine, that two mounts were peers, or that they were slaves to the > same peer group. > > After the change, this is possible, since the peer ID will be the same > for all mounts which are peers. This means, that even though the peer > ID might be in a different namespace, it is possible to determine all > peers within the same namespace by comparing their peer ID's. I agree with your reasoning on the random id; showing a single id avoids clutter. But my point is, why not show a id for the master or peer residing in the same namespace? Showing a id with no corresponding entry for that id, can be intriguing. If no master-mount exists in the same namespace then print -1 meaning "masked". there is always atleast one peer-mount in a given namespace; so no issue there. > > > > And reporting the mount-id of a mount is some other namespace > > could subtly mean information-leak? > > I don't think the mount ID itself can be sensitive, it really doesn't > contain any information, other than being an identifier. > > > One other comment I had received offline from Steve French was > > that the patch did not consider the following case: > > > > "Have you thought about whether this could handle the case in which cifs mounts with > > a relative path e.g. currently > > mount -t cifs //server/share /mnt > > > > can not be distinguished from > > mount -t cifs //server/share/subdirectory /mnt > > > > when you run the mount command (ie the cifs "prefixpath" in this case > > "/subdirectory" is not displayed)" > > Why cifs not displaying '//server/share/subdirectory' as the source of > the mount? dont know. not tried it myself. RP > > Miklos -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists