lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <87ehaolz8v.fsf@xmission.com>
Date:	Wed, 24 Jul 2013 09:05:36 -0700
From:	ebiederm@...ssion.com (Eric W. Biederman)
To:	"Serge E. Hallyn" <serge@...lyn.com>
Cc:	Andy Lutomirski <luto@...capital.net>,
	Linux Containers <containers@...ts.linux-foundation.org>,
	linux-kernel@...r.kernel.org, linux-fsdevel@...r.kernel.org
Subject: Re: [REVIEW][PATCH] vfs: Lock in place mounts from more privileged users

"Serge E. Hallyn" <serge@...lyn.com> writes:

> Quoting Serge E. Hallyn (serge@...lyn.com):
>> Quoting Eric W. Biederman (ebiederm@...ssion.com):
>> > 
>> > Serge does this patch break lxc?  I think all should be well but I want
>> > to make certain there is not some hidden case where this fundamentaly
>> > breaks some functionality.
>> 
>> I haven't yet tried.  I'll build and test a kernel today.  I'm pretty
>> sure all the child's mounts are done after clone, so I *think* the worst
>> case will be that the unmounting of put_old after pivot_root() will
>> be noisy.  Will let you know.
>> 
>> -serge
>
> Just tested it - works fine.  Warns about all of the failed umounts.

Just to confirm.  Can you do a lazy umount of put_old and get rid of
them?

> Acked-by: Serge Hallyn <serge.hallyn@...onical.com>
>
> ( Mind you I'm not approving of the idea of hiding mounts as a security
> mechanisms, but I know that neither are you :)

As a security mechanism, not really.  This is more about closing a
theoretical hole in case someone was sloppy, and doing it before user
namespaces are too widely deployed so we avoid massive user space
breakage.  It let's me sleep more soundly at night if I know you can't
more access more with user namespaces that you can without user
namespaces.

Eric

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ