Date:   Thu, 9 Mar 2023 21:57:07 +0000
From:   Anjali Kulkarni <anjali.k.kulkarni@...cle.com>
To:     Christian Brauner <brauner@...nel.org>
CC:     "davem@...emloft.net" <davem@...emloft.net>,
        "edumazet@...gle.com" <edumazet@...gle.com>,
        "kuba@...nel.org" <kuba@...nel.org>,
        "pabeni@...hat.com" <pabeni@...hat.com>,
        "zbr@...emap.net" <zbr@...emap.net>,
        "johannes@...solutions.net" <johannes@...solutions.net>,
        "ecree.xilinx@...il.com" <ecree.xilinx@...il.com>,
        "leon@...nel.org" <leon@...nel.org>,
        "keescook@...omium.org" <keescook@...omium.org>,
        "socketcan@...tkopp.net" <socketcan@...tkopp.net>,
        "petrm@...dia.com" <petrm@...dia.com>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        "netdev@...r.kernel.org" <netdev@...r.kernel.org>,
        Anjali Kulkarni <anjali.k.kulkarni@...cle.com>
Subject: Re: [PATCH 4/5] connector/cn_proc: Allow non-root users access



________________________________________
From: Christian Brauner <brauner@...nel.org>
Sent: Thursday, March 9, 2023 9:09 AM
To: Anjali Kulkarni
Cc: davem@...emloft.net; edumazet@...gle.com; kuba@...nel.org; pabeni@...hat.com; zbr@...emap.net; johannes@...solutions.net; ecree.xilinx@...il.com; leon@...nel.org; keescook@...omium.org; socketcan@...tkopp.net; petrm@...dia.com; linux-kernel@...r.kernel.org; netdev@...r.kernel.org
Subject: Re: [PATCH 4/5] connector/cn_proc: Allow non-root users access

On Wed, Mar 08, 2023 at 07:19:52PM -0800, Anjali Kulkarni wrote:
> The patch allows non-root users to receive cn proc connector
> notifications, as anyone can normally get process start/exit status from
> /proc. The reason for not allowing non-root users to receive multicast
> messages is long gone, as described in this thread:
> https://linux-kernel.vger.kernel.narkive.com/CpJFcnra/multicast-netlink-for-non-root-process

Sorry that thread is kinda convoluted. Could you please provide a
summary in the commit message and explain why this isn't an issue
anymore?

ANJALI> Will change commit message as follows:
There were a couple of reasons for not allowing non-root users access initially. One is, according to Andi Kleen & Alexey, "that at some point there was no proper receive buffer management in place for netlink multicast. But that should be long fixed." The second is that some of the messages may contain data that is root only. But this should be handled with a finer granularity, which is being done at the protocol layer. The only problematic protocols are nf_queue and the firewall netlink, according to Andi. Hence, this restriction for non-root access was relaxed for rtnetlink initially (and subsequently for other protocols as well):
https://lore.kernel.org/all/20020612013101.A22399@wotan.suse.de/
Since process connector messages are not sensitive (process fork, exit notifications etc.), and anyone can read /proc data, we can allow non-root access here too. The reason we need this change is that we cannot run our DB application as root.
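
Added example for this thread (editor's code; it is not part of the message above, the patch series, or the kernel tree): a minimal cn_proc listener showing the userspace side of what the patch opens up. It builds the PROC_CN_MCAST_LISTEN request, decodes proc_event notifications with length checks, and shows where a non-root caller is refused on an unpatched kernel: bind() to the CN_IDX_PROC multicast group returns EPERM, because netlink_bind() only admits a caller without CAP_NET_ADMIN to a multicast group when the protocol has opted in to non-root receive (NL_CFG_F_NONROOT_RECV), which is the check this patch relaxes for the connector. The make_fake_exit_event() messages, pids 4242/4243 and exit code 3 used in the offline check are constructed here, not captured from a kernel.

```c
/* Added example (not from the patch series or the kernel tree): a minimal
 * cn_proc listener.  Builds the PROC_CN_MCAST_LISTEN request, decodes proc_event
 * messages with length checks, and shows where a non-root caller fails on an
 * unpatched kernel: bind() to the CN_IDX_PROC multicast group returns EPERM. */
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/socket.h>
#include <linux/netlink.h>
#include <linux/connector.h>
#include <linux/cn_proc.h>
#define LISTEN_REQ_LEN NLMSG_SPACE(sizeof(struct cn_msg) + sizeof(enum proc_cn_mcast_op))
#define EVENT_MSG_LEN  NLMSG_SPACE(sizeof(struct cn_msg) + sizeof(struct proc_event))

/* Wrap a payload in nlmsghdr + cn_msg addressed to cn_proc; returns nlmsg_len. */
static size_t frame_cn_msg(unsigned char *buf, const void *payload, size_t plen)
{
    struct nlmsghdr *nlh = (struct nlmsghdr *)buf;
    struct cn_msg *cn = NLMSG_DATA(nlh);
    memset(buf, 0, NLMSG_SPACE(sizeof(*cn) + plen));
    nlh->nlmsg_len = NLMSG_LENGTH(sizeof(*cn) + plen);
    nlh->nlmsg_type = NLMSG_DONE;
    cn->id.idx = CN_IDX_PROC;
    cn->id.val = CN_VAL_PROC;
    cn->len = (__u16)plen;
    memcpy(cn->data, payload, plen);   /* cn->data is not 8-aligned: copy, never cast */
    return nlh->nlmsg_len;
}

/* Subscribe (listen=1) or unsubscribe.  cn_proc drops requests whose payload is
 * not exactly sizeof(enum proc_cn_mcast_op).  Returns 0 if buf is too small. */
size_t build_listen_request(unsigned char *buf, size_t buflen, int listen)
{
    enum proc_cn_mcast_op op = listen ? PROC_CN_MCAST_LISTEN : PROC_CN_MCAST_IGNORE;
    return buflen < LISTEN_REQ_LEN ? 0 : frame_cn_msg(buf, &op, sizeof(op));
}

/* Constructed input for the offline check (NOT a real kernel message): one
 * PROC_EVENT_EXIT.  Returns the aligned length so messages can be appended. */
size_t make_fake_exit_event(unsigned char *buf, size_t buflen, unsigned int pid, unsigned int code)
{
    struct proc_event ev = { .what = PROC_EVENT_EXIT };
    ev.event_data.exit.process_pid = ev.event_data.exit.process_tgid = (__kernel_pid_t)pid;
    ev.event_data.exit.exit_code = code;
    return buflen < EVENT_MSG_LEN ? 0 : NLMSG_ALIGN(frame_cn_msg(buf, &ev, sizeof(ev)));
}

/* Decode the netlink messages from one recv() into out[0..max).  Returns the
 * number of proc_events copied, or -1 on a malformed message. */
int parse_proc_events(const unsigned char *buf, int len, struct proc_event *out, int max)
{
    int n = 0;
    const struct nlmsghdr *nlh = (const struct nlmsghdr *)buf;
    for (; len >= 0 && n < max && NLMSG_OK(nlh, len); nlh = NLMSG_NEXT(nlh, len)) {
        if (nlh->nlmsg_type == NLMSG_ERROR) return -1;
        if (NLMSG_PAYLOAD(nlh, 0) < sizeof(struct cn_msg) + sizeof(*out)) return -1;
        const struct cn_msg *cn = NLMSG_DATA(nlh);
        if (cn->id.idx != CN_IDX_PROC || cn->id.val != CN_VAL_PROC) continue; /* other client */
        if (cn->len < sizeof(*out)) return -1;           /* short payload: never over-read */
        memcpy(&out[n++], cn->data, sizeof(*out));       /* copy out: proc_event is 8-aligned */
    }
    return n;
}

/* socket + bind(multicast group) + LISTEN.  Returns 0 and the fd, or -errno.
 * On an unpatched kernel bind() is where a caller without CAP_NET_ADMIN gets EPERM. */
int try_subscribe(int *fd_out)
{
    int fd = socket(PF_NETLINK, SOCK_DGRAM | SOCK_CLOEXEC, NETLINK_CONNECTOR);
    if (fd < 0) return -errno;
    struct sockaddr_nl sa = { .nl_family = AF_NETLINK, .nl_groups = CN_IDX_PROC };
    unsigned char req[LISTEN_REQ_LEN] __attribute__((aligned(8)));
    size_t len = build_listen_request(req, sizeof(req), 1);
    if (bind(fd, (struct sockaddr *)&sa, sizeof(sa)) < 0 || send(fd, req, len, 0) < 0) {
        int e = errno; close(fd); return -e;
    }
    *fd_out = fd;
    return 0;
}

int main(void)
{
    int fd = -1, rc = try_subscribe(&fd);
    if (rc < 0) {
        fprintf(stderr, "subscribe failed: %s%s\n", strerror(-rc), rc == -EPERM ? " (non-root on an unpatched kernel)" : "");
        return 1;
    }
    unsigned char buf[4096] __attribute__((aligned(8)));
    struct proc_event ev[32];
    for (int i = 0; i < 5; i++) {           /* report five batches of events, then leave */
        ssize_t r = recv(fd, buf, sizeof(buf), 0);
        int n = r < 0 ? -1 : parse_proc_events(buf, (int)r, ev, 32);
        if (n < 0) break;
        for (int j = 0; j < n; j++)       /* every variant but fork starts with the subject pid */
            printf("what=0x%x pid=%d\n", (unsigned)ev[j].what, ev[j].what == PROC_EVENT_FORK
                   ? ev[j].event_data.fork.child_pid : ev[j].event_data.exit.process_pid);
    }
    close(fd);
    return 0;
}
```

Build with `cc -o cnproc cnproc.c` on a Linux box with the kernel UAPI headers installed. Run as an unprivileged user on a kernel without this patch and the program stops at bind() with EPERM; run as root (or as non-root on a patched kernel) and it prints fork/exec/exit events until five batches have arrived. The framing, parsing and length-check functions need no privileges at all, which is why the offline check below can exercise them with constructed messages.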
