| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 7 Mar 2016 11:06:14 +0100
From: Miklos Szeredi <miklos@...redi.hu>
To: David Howells <dhowells@...hat.com>
Cc: Al Viro <viro@...iv.linux.org.uk>,
Kernel Mailing List <linux-kernel@...r.kernel.org>,
Linux-Fsdevel <linux-fsdevel@...r.kernel.org>,
"linux-unionfs@...r.kernel.org" <linux-unionfs@...r.kernel.org>
Subject: Re: [PATCH] overlayfs: Warn on copy up if a process has a R/O fd open
to the lower file
On Tue, Jul 7, 2015 at 4:04 PM, David Howells <dhowells@...hat.com> wrote:
>
> Print a warning when overlayfs copies up a file if the process that triggered
> the copy up has a R/O fd open to the lower file being copied up.
>
> This can help catch applications that do things like the following:
>
> fd1 = open("foo", O_RDONLY);
> fd2 = open("foo", O_RDWR);
>
> where they expect fd1 and fd2 to refer to the same file - which will no longer
> be the case post-copy up.
>
> With this patch, the following commands:
>
> bash 5</mnt/a/foo128
> 6<>/mnt/a/foo128
>
> assuming /mnt/a/foo128 to be an un-copied up file on an overlay will produce
> the following warning in the kernel log:
>
> overlayfs: Copying up foo129, but open R/O on fd 5 which will cease to
> be coherent [pid=3818 bash]
>
> This is enabled by setting:
>
> /sys/module/overlay/parameters/check_copy_up
>
> to 1.
>
> The warnings are ratelimited and are also limited to one warning per file -
> assuming the copy up completes in each case.
>
Queued.
Thanks,
Miklos
Powered by blists - more mailing lists