lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <536AB151.2070804@dti2.net>
Date:	Thu, 08 May 2014 00:18:57 +0200
From:	"Jorge Boncompte [DTI2]" <jorge@...2.net>
To:	"Eric W. Biederman" <ebiederm@...ssion.com>,
	David Miller <davem@...emloft.net>
CC:	vgoyal@...hat.com, ssorce@...hat.com, security@...nel.org,
	luto@...capital.net, netdev@...r.kernel.org, serge@...lyn.com
Subject: Re: [PATCH 5/5] net: Use netlink_ns_capable to verify the permisions
 of netlink messages

El 23/04/2014 23:29, Eric W. Biederman escribió:
> 
> It is possible by passing a netlink socket to a more privileged 
> executable and then to fool that executable into writing to the 
> socket data that happens to be valid netlink message to do something 
> that privileged executable did not intend to do.
> 
> To keep this from happening replace bare capable and ns_capable calls
> with netlink_capable, netlink_net_calls and netlink_ns_capable calls.
> Which act the same as the previous calls except they verify that the
> opener of the socket had the desired permissions as well.
> 

	Hi, after this patch, zebra daemon of quagga in Debian testing fails to
send routes to kernel with an -EPERM error.
	Reverting this patch and commit a64d90fd96 (netfilter: Fix warning in
nfnetlink_receive().) fixes it for me.

	I haven't got time to do a proper analisys and could be that zebra
it's doing something silly but this patch seems to subtly change some
semantics.

-- 
==============================================================
Jorge Boncompte - Ingenieria y Gestion de RED
DTI2 - Desarrollo de la Tecnologia de las Comunicaciones
--------------------------------------------------------------
C/ Abogado Enriquez Barrios, 5   14004 CORDOBA (SPAIN)
Tlf: +34 957 761395 / FAX: +34 957 450380
==============================================================
- There is only so much duct tape you can put on something
  before it just becomes a giant ball of duct tape.
==============================================================

--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ