Message-ID: <08d4dde6-d333-4992-abc6-35291a44c65f@yandex.ru>
Date: Thu, 25 Apr 2024 14:02:40 +0300
From: stsp <stsp2@...dex.ru>
To: Andy Lutomirski <luto@...capital.net>
Cc: linux-kernel@...r.kernel.org, Stefan Metzmacher <metze@...ba.org>,
Eric Biederman <ebiederm@...ssion.com>,
Alexander Viro <viro@...iv.linux.org.uk>, Andy Lutomirski <luto@...nel.org>,
Christian Brauner <brauner@...nel.org>, Jan Kara <jack@...e.cz>,
Jeff Layton <jlayton@...nel.org>, Chuck Lever <chuck.lever@...cle.com>,
Alexander Aring <alex.aring@...il.com>, linux-fsdevel@...r.kernel.org,
linux-api@...r.kernel.org, Paolo Bonzini <pbonzini@...hat.com>,
Christian Göttsche <cgzones@...glemail.com>,
Aleksa Sarai <cyphar@...har.com>
Subject: Re: [PATCH v2 0/2] implement OA2_INHERIT_CRED flag for openat2()
25.04.2024 03:43, Andy Lutomirski wrote:
> But you missed the FMODE_CRED part!
OK, I thought it's not needed if the fd
is limited to the one created by the
same process. But your explanation
is quite clear that it's needed anyway,
or otherwise the unsuspecting process
doesn't fully drop its privs.
Thank you for explaining that bit.
Which leaves just one question: is
such an opt-in enough or not?
Viro points out it may not be enough,
but doesn't explain why exactly.
Maybe we need such an opt-in, and
it should be dropped on exec() and
on passing via unix fd? I don't know
what additional restrictions are needed,
as Viro didn't clarify that part, but the
opt-in is needed for sure.