lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Date:   Fri, 12 May 2017 02:14:47 +0100
From:   Al Viro <>
To:     Linus Torvalds <>
Subject: [git pull] work.sane_pwd

	Making sure that something like a referral point won't end up
as pwd or root.  The main part is the last commit (fixing mntns_install());
that one fixes a hard-to-hit race.  fchdir() one is making fchdir(2)
a bit more robust - it should be impossible to get opened files (even
O_PATH ones) for referral points in the first place, so the existing
checks are OK, but checking the same thing as in chdir(2) is just as
cheap.  path_init() commit removes a redundant check that shouldn't
have been there in the first place.

The following changes since commit 85128b2be6738fe36c224995c5ee80fe80fbb1b5:

  fix nfs O_DIRECT advancing iov_iter too much (2017-04-17 14:23:20 -0400)

are available in the git repository at:

  git:// work.sane_pwd

for you to fetch changes up to 4f757f3cbf54edef7b75c68d6d6d2f1a0ca08d2e:

  make sure that mntns_install() doesn't end up with referral for root (2017-04-21 14:05:36 -0400)

Al Viro (3):
      make sure that fchdir() won't accept referral points, etc.
      path_init(): don't bother with checking MAY_EXEC for LOOKUP_ROOT
      make sure that mntns_install() doesn't end up with referral for root

 fs/namei.c            | 48 ++++++++++++++++++++++++++++++++++++++++--------
 fs/namespace.c        | 18 +++++++++++-------
 fs/open.c             |  9 +++------
 include/linux/namei.h |  1 +
 4 files changed, 55 insertions(+), 21 deletions(-)

Powered by blists - more mailing lists