lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Thu, 18 Feb 2016 19:59:48 +0800 From: Zhao Lei <zhaolei@...fujitsu.com> To: 'Mateusz Guzik' <mguzik@...hat.com>, "'Eric W. Biederman'" <ebiederm@...ssion.com> CC: <containers@...ts.linux-foundation.org>, <linux-kernel@...r.kernel.org> Subject: RE: [PATCH] Make core_pattern support namespace Hi, Mateusz Guzik > -----Original Message----- > From: Mateusz Guzik [mailto:mguzik@...hat.com] > Sent: Thursday, February 18, 2016 4:54 AM > To: Eric W. Biederman <ebiederm@...ssion.com> > Cc: Zhao Lei <zhaolei@...fujitsu.com>; containers@...ts.linux-foundation.org; > linux-kernel@...r.kernel.org > Subject: Re: [PATCH] Make core_pattern support namespace > > On Wed, Feb 17, 2016 at 02:15:24PM -0600, Eric W. Biederman wrote: > > Mateusz Guzik <mguzik@...hat.com> writes: > > > On Tue, Feb 16, 2016 at 07:33:39PM +0800, Zhao Lei wrote: > > >> For container based on namespace design, it is good to allow > > >> each container keeping their own coredump setting. > > > > > > Sorry if this is a false alarm, I don't have easy means to test it, but > > > is not this an immediate privilege escalation? > > > > It is. This is why we do not currently have a per namespace setting. > > > > Thanks for confimation. > > > Solving the user mode helper problem is technically a fair amount of > > work, if not theoretically challenging. > > > > Well, I would say custom core_patterns without pipe support are still > better than none. > +1. > Say one would ensure a stable core_pattern (i.e. that it cannot be > modified as it is being parsed) and a restricted set of allowed > characters in the pattern (which would not include the pipe), validated > when one attempts to set the pattern. > > Does this sound acceptable? If so, and there are no counter ideas from > Lei, I can get around to that. > If we can let kernel select pipe_program in vm's filesystem, and run pipe_program with vm's filesystem, set a pipe for core_patterm in vm will be safe. What is your opinion on above solution? If above way is not acceptable, or impossible to realize, I also agree your solution of limit vm setting pipe. Thanks Zhaolei > -- > Mateusz Guzik
Powered by blists - more mailing lists