| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <1376601825.2737.37@driftwood> Date: Thu, 15 Aug 2013 16:23:45 -0500 From: Rob Landley <rob@...dley.net> To: Miklos Szeredi <miklos@...redi.hu> Cc: "Eric W. Biederman" <ebiederm@...ssion.com>, "Serge E. Hallyn" <serge@...lyn.com>, Al Viro <viro@...iv.linux.org.uk>, Linux-Fsdevel <linux-fsdevel@...r.kernel.org>, Kernel Mailing List <linux-kernel@...r.kernel.org> Subject: Re: DoS with unprivileged mounts On 08/14/2013 12:42:19 PM, Miklos Szeredi wrote: > There's a simple and effective way to prevent unlink(2) and rename(2) > from operating on any file or directory by simply mounting something > on it. In any mount instance in any namespace. > > Was this considered in the unprivileged mount design? > > The solution is also theoretically simple: mounts in unpriv namespaces > are marked "volatile" and are dissolved on an unlink type operation. > > Such volatile mounts would be useful in general too. Would that "anonymous inode" thing that wandered by recently help, letting umount move the mount to one side so you could keep the mount point as the root of your per-process hierarchy but not have it glued to other people's namespaces? Rob-- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists