lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20121003222341.GA20263@citd.de>
Date:	Thu, 4 Oct 2012 00:23:41 +0200
From:	Matthias Schniedermeyer <ms@...d.de>
To:	Kees Cook <kees@...flux.net>
Cc:	Nick Bowler <nbowler@...iptictech.com>,
	Linus Torvalds <torvalds@...ux-foundation.org>,
	Linux Kernel Mailing List <linux-kernel@...r.kernel.org>
Subject: Re: Linux 3.6

On 03.10.2012 13:05, Kees Cook wrote:
> Hi Nick,
> 
> 3.6 introduced link restrictions:
> http://git.kernel.org/?p=linux/kernel/git/torvalds/linux.git;a=commitdiff;h=800179c9b8a1e796e441674776d11cd4c05d61d7
> 
> It sounds like you've got symlinks in a world-writable directory, and
> you're following those symlinks across mis-matched uids. You can either
> have the symlinks be owned by the directory owner, or you can turn off
> symlink restrictions in sysctl:
> 
> # echo 0 > /proc/sys/fs/protected_symlinks

According to documentation world writable isn't the problem.
It's world writable inside/or below a directory with sticky bit.
(Documentation/sysctl/fs.txt -> protected_symlinks)

So /scratch_space must have the sticky bit set.
Question is: Why?


Personally i would have been bitten by this change, because for years i 
have used a symlink in /tmp (which has the sticky bit) to a directory 
somewhere else for historical reasons. But as i was aware of this change 
i fixed my system before booting the new kernel.


> On Wed, Oct 03, 2012 at 03:46:14PM -0400, Nick Bowler wrote:
> > On 2012-09-30 17:38 -0700, Linus Torvalds wrote:
> > > So here it is, 3.6 final. Sure, I'd have been happier with even fewer
> > > changes, but that just never happens. And holding off the release
> > > until people get too bored to send me the small stuff just makes the
> > > next merge window more painful.
> > 
> > Just upgraded to 3.6 from 3.5, and now some of my kernel build scripts
> > are throwing "permission denied" errors.  Apparently symlinks are
> > broken somehow?
> > 
> >   # id
> >   uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel),11(floppy),20(dialout),26(tape),27(video)
> > 
> >   # ls -l /scratch_space/linux
> >   drwxr-xr-x 24 nbowler eng 4096 2012-10-03 13:41 /scratch_space/linux
> > 
> >   # readlink /scratch_space/linux-2.6
> >   linux
> > 
> >   # cd /scratch_space/linux
> >   # pwd
> >   /scratch_space/linux
> > 
> >   # cd /scratch_space/linux-2.6
> >   cd: permission denied: /scratch_space/linux-2.6
> > 
> > WTF?  3.5 is fine.  I will try to bisect this later, but I figured I'd
> > throw this out there now in case anyone has any ideas...






Bis denn

-- 
Real Programmers consider "what you see is what you get" to be just as 
bad a concept in Text Editors as it is in women. No, the Real Programmer
wants a "you asked for it, you got it" text editor -- complicated, 
cryptic, powerful, unforgiving, dangerous.

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ