| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 14 Sep 2017 12:33:06 -0500
From: ebiederm@...ssion.com (Eric W. Biederman)
To: Richard Guy Briggs <rgb@...hat.com>
Cc: cgroups@...r.kernel.org,
Linux Containers <containers@...ts.linux-foundation.org>,
Linux API <linux-api@...r.kernel.org>,
Linux Audit <linux-audit@...hat.com>,
Linux FS Devel <linux-fsdevel@...r.kernel.org>,
Linux Kernel <linux-kernel@...r.kernel.org>,
Linux Network Development <netdev@...r.kernel.org>,
Aristeu Rozanski <arozansk@...hat.com>,
David Howells <dhowells@...hat.com>,
Eric Paris <eparis@...isplace.org>, jlayton@...hat.com,
Andy Lutomirski <luto@...nel.org>, mszeredi@...hat.com,
Paul Moore <pmoore@...hat.com>,
"Serge E. Hallyn" <serge@...lyn.com>,
Steve Grubb <sgrubb@...hat.com>, trondmy@...marydata.com,
Al Viro <viro@...iv.linux.org.uk>
Subject: Re: RFC: Audit Kernel Container IDs
Richard Guy Briggs <rgb@...hat.com> writes:
> The trigger is a pseudo filesystem (proc, since PID tree already exists)
> write of a u64 representing the container ID to a file representing a
> process that will become the first process in a new container.
> This might place restrictions on mount namespaces required to define a
> container, or at least careful checking of namespaces in the kernel to
> verify permissions of the orchestrator so it can't change its own
> container ID.
Why a u64?
Why a proc filesystem write and not a magic audit message?
I don't like the fact that the proc filesystem entry is likely going to
be readable and abusable by non-audit contexts?
Why the ability to change the containerid? What is the use case you are
thinking of there?
Eric
Powered by blists - more mailing lists