| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAKPOu+89waVOi90bYsNk8C4AmNEYeZGiDD2PseauH_zCvyRw_A@mail.gmail.com> Date: Fri, 9 May 2025 19:50:12 +0200 From: Max Kellermann <max.kellermann@...os.com> To: "Andrew G. Morgan" <morgan@...nel.org> Cc: "Serge E. Hallyn" <serge@...lyn.com>, Andy Lutomirski <luto@...nel.org>, paul@...l-moore.com, jmorris@...ei.org, kees@...nel.org, linux-security-module@...r.kernel.org, linux-kernel@...r.kernel.org Subject: Re: [PATCH] security/commoncap: don't assume "setid" if all ids are identical On Wed, May 7, 2025 at 8:33 AM Max Kellermann <max.kellermann@...os.com> wrote: > What protection do you mean, and what behavior do you expect when > setid execs itself? I see this affects: > > 1. reset effective ids to real ids (only affects NO_NEW_PRIVS) > 2. new cap_permitted cannot be higher than old cap_permitted > 3. clear cap_ambient > 4. clear pdeath_signal (in begin_new_exec) > 5. reset stack limits (in begin_new_exec) > [...] > > Did I miss anything? Indeed I missed something (but this was apparently so hard to find that nobody could answer my question, until I found out myself). The "secureexec" flag is not just used for resetting pdeath_signal and stack limits; its primary purpose is to set the AT_SECURE ELF flag. So yes, my patch is wrong. The "secureexec" setting must be excluded from my patch. Max
Powered by blists - more mailing lists