lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20080319121235.GM10722@ZenIV.linux.org.uk>
Date:	Wed, 19 Mar 2008 12:12:35 +0000
From:	Al Viro <viro@...IV.linux.org.uk>
To:	Miklos Szeredi <miklos@...redi.hu>
Cc:	akpm@...ux-foundation.org, linuxram@...ibm.com,
	linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [patch 6/6] vfs: mountinfo: only show mounts under tasks root

On Thu, Mar 13, 2008 at 10:26:47PM +0100, Miklos Szeredi wrote:
> From: Miklos Szeredi <mszeredi@...e.cz>
> 
> 1. Only show reachable mounts in /proc/<pid>/mountinfo, this makes
> mountpoints unambiguous for chrooted processes.
> 
> 2. Instead of showing mountpoints relative to the current root, always
> show them relative to the queried task's root.
> 
> This means, that a particular mountinfo file will always have the same
> contents, regardless of which process is reading the file.  Which is a
> lot more consistent, than the current behavior of /proc/<pid>/mounts.
> 
> Addressed comments from Jan Blunck and Ram Pai.

>  	return retval;
>  
>  global_root:
> +	if (only_reachable)
> +		return ERR_PTR(-EINVAL);

Humm...  Might make sense to update *root in case we hit that place and
do the rest in callers, instead of playing with extra arguments...
Hell knows, I'd try to massage in that direction and see if anything
clean shows up.

>  static int show_mountinfo(struct seq_file *m, void *v)
>  {
> +	struct proc_mounts *p = m->private;
> +	size_t count_save = m->count;

*UGH*.  Do you really need that?  Frankly, in that case I'd rather
separate the check from __d_path(); unwinds like that are Not Nice(tm).

> +	if (seq_path_root(m, &mnt_path, &p->root, " \t\n\\") == -EINVAL) {
> +		/* path is outside root */
> +		m->count = count_save;
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ