lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <878tka6ffw.fsf@xmission.com>
Date:   Thu, 29 Jun 2017 09:23:15 -0500
From:   ebiederm@...ssion.com (Eric W. Biederman)
To:     Andy Lutomirski <luto@...nel.org>
Cc:     Kees Cook <keescook@...omium.org>,
        Shuah Khan <shuahkh@....samsung.com>, Greg KH <greg@...ah.com>,
        Naresh Kamboju <naresh.kamboju@...aro.org>,
        "open list\:KERNEL SELFTEST FRAMEWORK" 
        <linux-kselftest@...r.kernel.org>,
        "linux-kernel\@vger.kernel.org" <linux-kernel@...r.kernel.org>,
        Shuah Khan <shuah@...nel.org>
Subject: Re: selftests/capabilities: test FAIL on linux mainline and linux-next and PASS on linux-4.4.70+

ebiederm@...ssion.com (Eric W. Biederman) writes:

> Andy Lutomirski <luto@...nel.org> writes:
>>
>> Hi Eric-
>>
>> This is rather odd.  The selftest
>> (tools/testing/selftests/capabilities/test_execve), run as root, fails
>> on current kernels.  The failure is worked around by this:
>>
>> diff --git a/tools/testing/selftests/capabilities/test_execve.c
>> b/tools/testing/selftests/capabilities/test_execve.c
>> index 10a21a958aaf..6db60889b211 100644
>> --- a/tools/testing/selftests/capabilities/test_execve.c
>> +++ b/tools/testing/selftests/capabilities/test_execve.c
>> @@ -139,8 +139,8 @@ static void chdir_to_tmpfs(void)
>>         if (chdir(cwd) != 0)
>>                 err(1, "chdir to private tmpfs");
>>
>> -       if (umount2(".", MNT_DETACH) != 0)
>> -               err(1, "detach private tmpfs");
>> +//     if (umount2(".", MNT_DETACH) != 0)
>> +//             err(1, "detach private tmpfs");
>>  }
>>
>>  static void copy_fromat_to(int fromfd, const char *fromname, const
>> char *toname)
>>
>> I think this is due to the line:
>>
>> p->mnt_ns = NULL;
>>
>> in umount_tree().  The test is putting us into a situation in which
>> our cwd has ->mnt_ns = NULL, which is making it act as if it's nosuid.
>> I can imagine this breaking some weird user code (like my test!).  Is
>> it a real problem, though?

I just wanted to follow up and say this the mnt_may_suid test appears
to be doing exactly what it was designed to do.

It's goal is not to allow a suid exec from another mount namespace and
in this test the umount2(".", MNT_DETACH) creates a poor man's mount
namespace.

So assuming that we want to not allow execing executables from other
mount namespaces the behavior appears to be exactly correct in this
case.

Eric

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ