| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20140402172049.GA13240@sergelap> Date: Wed, 2 Apr 2014 12:20:49 -0500 From: Serge Hallyn <serge.hallyn@...ntu.com> To: "Eric W. Biederman" <ebiederm@...ssion.com> Cc: Sean Pajot <sean.pajot@...culink.com>, lxc-devel@...ts.sourceforge.net, linux-kernel@...r.kernel.org Subject: Re: [lxc-devel] Kernel bug? Setuid apps and user namespaces Hi Eric, (sorry, I don't seem to have the email I actually wanted to reply to in my mbox, but it is https://lists.linuxcontainers.org/pipermail/lxc-devel/2013-October/005857.html) You'd said, > Someone needs to read and think through all of the corner cases and see > if we can ever have a time when task_dumpable is false but root in the > container would not or should not be able to see everything. > > In particular I am worried about the case of a setuid app calling setns, > and entering a lesser privileged user namespace. In my foggy mind that > might be a security problem. And there might be other similar crazy > cases. Can we make use of current->mm->exe_file->f_cred->user_ns? So either always use make_kgid(current->mm->exe_file->f_cred->user_ns, 0) instead of make_kuid(cred->user_ns, 0), or check that (current->mm->exe_file->f_cred->user_ns == cred->user_ns) and, if not, assume that the caller has done a setns? -serge -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists