| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 11 Nov 2014 15:04:54 +0100 From: Miklos Szeredi <miklos@...redi.hu> To: Seth Forshee <seth.forshee@...onical.com> Cc: "Eric W. Biederman" <ebiederm@...ssion.com>, "Serge H. Hallyn" <serge.hallyn@...ntu.com>, Andy Lutomirski <luto@...capital.net>, Michael j Theall <mtheall@...ibm.com>, fuse-devel@...ts.sourceforge.net, linux-kernel@...r.kernel.org, linux-fsdevel@...r.kernel.org Subject: Re: [PATCH v5 2/4] fuse: Support fuse filesystems outside of init_user_ns On Wed, Oct 22, 2014 at 04:24:18PM -0500, Seth Forshee wrote: > Update fuse to translate uids and gids to/from the user namspace > of the process servicing requests on /dev/fuse. Any ids which do > not map into the namespace will result in errors. inodes will > also be marked bad when unmappable ids are received from > userspace. Okay. > Due to security concerns the namespace used should be fixed, > otherwise a user might be able to gain elevated privileges or > influence processes that the user would otherwise be unable to > manipulate. Thus the namespace of the mounting process is used > for all translations, and this namespace is required to be the > same as the one in use when /dev/fuse was opened. Maybe I'm being dense, but can someone give a concrete example of such an attack? That might also help me understand how exactly user/pid namespaces work... Patch otherwise looks okay. Thanks, Miklos -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists