lists.openwall.net
Open Source and information security mailing list archives
 
Message-ID: <87wo4vt7ou.fsf@redhat.com>
Date:   Fri, 29 May 2020 11:24:33 +0200
From:   Giuseppe Scrivano <gscrivan@...hat.com>
To:     Sargun Dhillon <sargun@...gun.me>
Cc:     keescook@...omium.org, rsesek@...gle.com, palmer@...gle.com,
        jannh@...gle.com, jeffv@...gle.com,
        containers@...ts.linux-foundation.org,
        Kees Cook <keescook@...gle.com>, linux-kernel@...r.kernel.org,
        Matt Denton <mpdenton@...gle.com>, linux-api@...r.kernel.org,
        christian.brauner@...ntu.com
Subject: Re: [PATCH v2 2/3] seccomp: Introduce addfd ioctl to seccomp user notifier

Sargun Dhillon <sargun@...gun.me> writes:

> This adds a seccomp notifier ioctl which allows for the listener to "add"
> file descriptors to a process which originated a seccomp user
> notification. This allows calls like mount and mknod to be "implemented",
> as the return value, and the arguments are data in memory. On the other
> hand, calls like connect can be "implemented" using pidfd_getfd.
>
> Unfortunately, there are calls which return file descriptors, like
> open, which are vulnerable to TOC-TOU attacks, and require that the
> more privileged supervisor can inspect the argument, and perform the
> syscall on behalf of the process generating the notification. This
> allows the file descriptor generated from that open call to be
> returned to the calling process.
>
> In addition, there is functionality to allow for replacement of
> specific file descriptors, following dup2-like semantics.
>
> Signed-off-by: Sargun Dhillon <sargun@...gun.me>
> Suggested-by: Matt Denton <mpdenton@...gle.com>
> Cc: Kees Cook <keescook@...gle.com>,
> Cc: Jann Horn <jannh@...gle.com>,
> Cc: Robert Sesek <rsesek@...gle.com>,
> Cc: Chris Palmer <palmer@...gle.com>
> Cc: Christian Brauner <christian.brauner@...ntu.com>
> Cc: Tycho Andersen <tycho@...ho.ws>
> ---

Thanks, this is a really useful feature.

Tested-by: Giuseppe Scrivano <gscrivan@...hat.com>
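Added example (not from the patch series or this reply): a minimal supervisor for the flow the commit message describes. The sandboxed child traps openat() to a user notifier; the supervisor copies the pathname out of the child's memory, applies its policy to that copy so the child cannot swap the argument underneath it, opens the file itself and hands the result back with SECCOMP_IOCTL_NOTIF_ADDFD. It assumes the ADDFD interface as merged in Linux 5.9 (struct seccomp_notif_addfd with id, flags, srcfd, newfd and newfd_flags; the ioctl returns the fd number installed in the target and a separate NOTIF_SEND still completes the syscall), which may differ from v2 of this series, plus pidfd_getfd(2) and kernel headers new enough for both. The policy root under /tmp, the demo file, the denied path and the ARCH_NR value are constructed for the example.

```c
/* Added example, not the patch's own code: a supervisor that traps openat() in
 * a sandboxed child via the seccomp user notifier, vets the path, opens it
 * itself and injects the fd with SECCOMP_IOCTL_NOTIF_ADDFD. Assumes the ADDFD
 * UAPI as merged in Linux 5.9 (headers >= 5.9; ADDFD, then a separate
 * NOTIF_SEND), pidfd_getfd() (5.6+) and x86_64; the policy root and the demo
 * file are constructed for this example. */
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <linux/audit.h>
#include <linux/filter.h>
#include <linux/seccomp.h>
#include <poll.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/ioctl.h>
#include <sys/prctl.h>
#include <sys/syscall.h>
#include <sys/wait.h>
#include <unistd.h>
#define ARCH_NR AUDIT_ARCH_X86_64                /* assumption: AUDIT_ARCH_AARCH64 etc. elsewhere */
#define SANDBOX_DIR "/tmp/"                      /* policy root (constructed) */
#define DEMO_FILE SANDBOX_DIR "seccomp-addfd-demo.txt"

/* Kill on a foreign arch, send openat() to the listener, allow the rest. */
static const struct sock_filter filter[] = {
    BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, arch)),
    BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, ARCH_NR, 1, 0),
    BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_KILL_PROCESS),
    BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, nr)),
    BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, __NR_openat, 0, 1),
    BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_USER_NOTIF),
    BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW),
};

/* Policy: absolute path under SANDBOX_DIR, no ".." component (relative paths
 * are refused, so the target's dirfd argument never matters). */
static int policy_allows(const char *path)
{
    if (strncmp(path, SANDBOX_DIR, strlen(SANDBOX_DIR)) != 0) return 0;
    for (const char *p = path; (p = strstr(p, "..")) != NULL; p += 2)
        if (p[-1] == '/' && (p[2] == '/' || p[2] == '\0')) return 0;
    return 1;
}

/* One notification: copy the path out of the target, decide, open it ourselves
 * (the target cannot race a string we already copied), then inject the fd. */
static void handle_openat(int listener, const struct seccomp_notif *req)
{
    struct seccomp_notif_resp resp = { .id = req->id };
    struct seccomp_notif_addfd addfd = { .id = req->id };
    int flags = (int)req->data.args[2], fd;
    char mem[40], path[4096];
    ssize_t n = -1;
    snprintf(mem, sizeof mem, "/proc/%d/mem", (int)req->pid);
    if ((fd = open(mem, O_RDONLY | O_CLOEXEC)) >= 0) {
        n = pread(fd, path, sizeof path - 1, (off_t)req->data.args[1]);
        close(fd);
    }
    if (n <= 0 || !memchr(path, '\0', (size_t)n) || !policy_allows(path)) {
        resp.error = -EACCES; goto send;     /* unreadable, unterminated or denied */
    }
    /* The pid may have been recycled while we read /proc/pid/mem; the id is
     * only valid while the original task is still blocked in this syscall. */
    if (ioctl(listener, SECCOMP_IOCTL_NOTIF_ID_VALID, &resp.id) < 0) return;
    if ((fd = open(path, flags | O_CLOEXEC, (mode_t)req->data.args[3])) < 0) {
        resp.error = -errno; goto send;
    }
    addfd.srcfd = (__u32)fd;
    addfd.newfd_flags = (flags & O_CLOEXEC) ? O_CLOEXEC : 0;  /* target's choice */
    resp.val = ioctl(listener, SECCOMP_IOCTL_NOTIF_ADDFD, &addfd); /* fd number in target */
    if (resp.val < 0) resp.error = -errno;
    close(fd);                               /* the target now holds its own reference */
send:
    ioctl(listener, SECCOMP_IOCTL_NOTIF_SEND, &resp);
}

/* Sandboxed child: install the filter, report the listener's fd number, then
 * try one allowed and one denied open. */
static int run_child(int pipe_w)
{
    struct sock_fprog prog = { sizeof filter / sizeof filter[0], (struct sock_filter *)filter };
    char buf[64];
    if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) < 0) return 1;
    int listener = (int)syscall(__NR_seccomp, SECCOMP_SET_MODE_FILTER,
                                SECCOMP_FILTER_FLAG_NEW_LISTENER, &prog);
    if (listener < 0 || write(pipe_w, &listener, sizeof listener) < 0) return 1;
    int fd = open(DEMO_FILE, O_RDONLY);      /* allowed: this fd arrives via ADDFD */
    ssize_t n = fd < 0 ? -1 : read(fd, buf, sizeof buf);
    if (n > 0) printf("child read via fd %d: %.*s", fd, (int)n, buf);
    if (open("/etc/passwd", O_RDONLY) < 0)   /* denied: supervisor answers EACCES */
        printf("child: /etc/passwd: %s\n", strerror(errno));
    return 0;
}

int main(void)
{
    struct pollfd pfd = { .events = POLLIN };
    struct seccomp_notif req;
    int p[2], listener, status;
    FILE *f = fopen(DEMO_FILE, "w");         /* constructed demo input */
    if (!f || pipe(p) < 0) return 1;
    fputs("opened by the supervisor, read by the sandboxed child\n", f);
    fclose(f);
    pid_t child = fork();
    if (child < 0) return 1;
    if (child == 0) { close(p[0]); exit(run_child(p[1])); }
    close(p[1]);
    /* Fetch the listener from the child with pidfd_getfd(), the mechanism the
     * commit message names for connect(); it needs ptrace-attach rights. */
    if (read(p[0], &listener, sizeof listener) != sizeof listener) return 1;
    pfd.fd = (int)syscall(__NR_pidfd_getfd, syscall(__NR_pidfd_open, child, 0), listener, 0);
    if (pfd.fd < 0) { perror("pidfd_getfd"); return 1; }
    for (;;) {                               /* serve until the filter has no tasks left */
        if (poll(&pfd, 1, -1) < 0) { if (errno == EINTR) continue; return 1; }
        if (pfd.revents & POLLHUP) break;
        memset(&req, 0, sizeof req);         /* RECV insists on a zeroed buffer */
        if (ioctl(pfd.fd, SECCOMP_IOCTL_NOTIF_RECV, &req) == 0)
            handle_openat(pfd.fd, &req);     /* ENOENT: target died, keep going */
    }
    return waitpid(child, &status, 0) == child && WIFEXITED(status) ? WEXITSTATUS(status) : 1;
}
```

Build with cc -o addfd-demo addfd-demo.c and run unprivileged on a kernel >= 5.9; pidfd_getfd() and /proc/pid/mem both need ptrace-attach rights over the child, which the parent has under Yama ptrace_scope 0 or 1. The policy matches the string the child passed, not the resolved path, so a symlink under the root could still point outside it; for real use, open relative to an fd of the sandbox root with openat2(2) and RESOLVE_BENEATH instead of trusting a prefix.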
