lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <20121026215533.GA10402@www.outflux.net>
Date:	Fri, 26 Oct 2012 14:55:33 -0700
From:	Kees Cook <keescook@...omium.org>
To:	linux-kernel@...r.kernel.org
Cc:	James Morris <james.l.morris@...cle.com>,
	Kees Cook <keescook@...omium.org>,
	John Johansen <john.johansen@...onical.com>,
	"Serge E. Hallyn" <serge.hallyn@...onical.com>,
	Eric Paris <eparis@...hat.com>,
	linux-security-module@...r.kernel.org
Subject: [PATCH] Yama: enable link restrictions when selected

Systems running with Yama enabled expect restrictions on various
potentially dangerous operations that could create backward-compaibility
issues with rare userspace corner-cases. Since 561ec64ae67e ("VFS:
don't do protected {sym,hard}links by default") has disabled VFS link
restrictions by default, enable them for systems using Yama.

Cc: stable@...r.kernel.org # v3.6
Signed-off-by: Kees Cook <keescook@...omium.org>
---
 security/yama/Kconfig    |    4 +++-
 security/yama/yama_lsm.c |    5 +++++
 2 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/security/yama/Kconfig b/security/yama/Kconfig
index 20ef514..2a91598 100644
--- a/security/yama/Kconfig
+++ b/security/yama/Kconfig
@@ -8,7 +8,9 @@ config SECURITY_YAMA
 	  This selects Yama, which extends DAC support with additional
 	  system-wide security settings beyond regular Linux discretionary
 	  access controls. Currently available is ptrace scope restriction.
-	  Further information can be found in Documentation/security/Yama.txt.
+	  Enables the VFS link restriction sysctls (protected_symlinks and
+	  protected_hardlinks) by default. Further information can be found
+	  in Documentation/security/Yama.txt.
 
 	  If you are unsure how to answer this question, answer N.
 
diff --git a/security/yama/yama_lsm.c b/security/yama/yama_lsm.c
index b4c2984..3bef1c1 100644
--- a/security/yama/yama_lsm.c
+++ b/security/yama/yama_lsm.c
@@ -17,6 +17,7 @@
 #include <linux/ptrace.h>
 #include <linux/prctl.h>
 #include <linux/ratelimit.h>
+#include <linux/fs.h>
 
 #define YAMA_SCOPE_DISABLED	0
 #define YAMA_SCOPE_RELATIONAL	1
@@ -397,6 +398,10 @@ static __init int yama_init(void)
 		panic("Yama: sysctl registration failed.\n");
 #endif
 
+	/* Enable link restrictions when Yama is enabled. */
+	sysctl_protected_symlinks = 1;
+	sysctl_protected_hardlinks = 1;
+
 	return 0;
 }
 
-- 
1.7.9.5


-- 
Kees Cook
Chrome OS Security
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ