lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-Id: <1372560346.2776.158@driftwood>
Date:	Sat, 29 Jun 2013 21:45:46 -0500
From:	Rob Landley <rob@...dley.net>
To:	"Eric W. Biederman" <ebiederm@...ssion.com>
Cc:	linux-kernel@...r.kernel.org, Al Viro <viro@...iv.linux.org.uk>
Subject: Re: [PATCH 1/5] initmpfs: replace MS_NOUSER in initramfs

On 06/29/2013 08:15:40 PM, Eric W. Biederman wrote:
> Rob Landley <rob@...dley.net> writes:
> 
> > From: Rob Landley <rob@...dley.net>
> >
> > Mounting MS_NOUSER prevents --bind mounts from rootfs. Prevent new  
> rootfs
> > mounts with a different mechanism that doesn't affect bind mounts.
> 
> I don't see patches 4 and 5 so I don't know if you have covered this
> elsewhere but a very important part of the reason for MS_NOUSER is to
> prevent unmounting of rootfs.

Actually rootfs has separate protections against umounting. I tried  
several varieties of "umount -f /" and "cd /; umount -l .; umount -f  
.." and so on; they're all ignored.

> The entire vfs breaks if you are allowed to unmount rootfs, and it
> appears this patch is allowing that.

Yes, I hit that many moons ago. (Doing either mount --move or  
pivot_root on initramfs, and then umounting it once it was in a  
subdirectory: system locked hard; I can try to dig up a link if you  
like, it was something like 2005? Maybe 2.6.11? It got fixed. This was  
before I implemented switch_root in busybox, because the experience is  
what taught me the difference between pivot_root and switch_root.)

I tested "mount --bind / home" on initmpfs and got "invalid argument".  
(Haven't tried pivot_root again because that binary's not on my test  
system, but when you're _not_ on rootfs that'll kill the system if you  
do it in the global namespace without knowing what you're doing. I can  
specifically test that if you like...)

Rob--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ