lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <E1Kb0ml-0006qL-5M@pomaz-ex.szeredi.hu>
Date:	Thu, 04 Sep 2008 00:25:11 +0200
From:	Miklos Szeredi <miklos@...redi.hu>
To:	serue@...ibm.com
CC:	miklos@...redi.hu, ebiederm@...ssion.com,
	akpm@...ux-foundation.org, hch@...radead.org,
	viro@...IV.linux.org.uk, linux-fsdevel@...r.kernel.org,
	linux-kernel@...r.kernel.org
Subject: Re: unprivileged mounts git tree

On Wed, 3 Sep 2008, Serge E. Hallyn wrote:
> Ooh.
> 
> You predicate the turning of shared mount to a slave mount on
> !capable(CAP_SYS_ADMIN).  But in fact it's the mount by a privileged
> user, turning the mount into a user mount, which you want to convert.
> So my series of steps was:
> 
> 	as root:
> 		(1) mount --bind /mnt /mnt
> 		(2) mount --make-rshared /mnt
> 		(3) /usr/src/mmount-0.3/mmount --bind -o user=hallyn /mnt \
> 			/home/hallyn/etc/mnt
> 	as hallyn:
> 		(4) mount --bind /usr /home/hallyn/etc/mnt/usr
> 
> You are turning mounts from shared->slave at step 4, but in fact we need
> to do it at step 3, where we do have CAP_SYS_ADMIN.

Well, that's arguable: I think root should be able to shoot itself in
the foot by doing step 3.  Generally we don't restrict what root can
do.  OTOH I agree that current behavior is ugly in that it provides
different semantics for privileged/non-privileged callers.

Perhaps it would be cleaner to simply not allow step 4, instead of
playing tricks with changing the propagation type.

Miklos
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ