lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <20250915-sesshaft-lackieren-c7f074e8fc4a@brauner>
Date: Mon, 15 Sep 2025 13:54:21 +0200
From: Christian Brauner <brauner@...nel.org>
To: Aleksa Sarai <cyphar@...har.com>
Cc: Alexander Viro <viro@...iv.linux.org.uk>, Jan Kara <jack@...e.cz>, 
	Jonathan Corbet <corbet@....net>, Shuah Khan <shuah@...nel.org>, 
	Andy Lutomirski <luto@...capital.net>, linux-kernel@...r.kernel.org, linux-fsdevel@...r.kernel.org, 
	linux-api@...r.kernel.org, linux-doc@...r.kernel.org, linux-kselftest@...r.kernel.org
Subject: Re: [PATCH v4 0/4] procfs: make reference pidns more user-visible

> The main issues are:
> 
> 1. pid1 can often be non-dumpable, which can block you from doing that.
>    In principle, because the dumpable flag is reset on execve, it is
>    theoretically possible to get access to /proc/$pid/ns/pid if you win
>    the race in a pid namespace with lots of process activity, but this
>    kind of sucks.
> 
> 2. This approach doesn't work for empty pid namesapces.
>    pidns_for_children doesn't let you get a handle to an empty pid
>    namespace either (I briefly looked at the history and it seems this
>    was silently changed in v2 of the patchset based on some feedback
>    that I'm not sure was entirely correct).
> 
> 3. Now that you can configure the procfs mount, it seems like a
>    half-baked interface to not provide diagnostic information about the
>    namespace. (I suspect the criu folks would be happy to have this too
>    ;).)

I think the easiest would be to add an ioctl that returns a pid
namespace based on a procfs root if the caller is located in the pid
namespace of the procfs instance (like
current_in_namespace(proc->pid_ns) or if the caller is privileged over
the owning ns. That would be simple and doesn't need to involve any
ptrace.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ