| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 23 Oct 2020 08:40:31 -0600
From: David Ahern <dsahern@...il.com>
To: Vincent Bernat <vincent@...nat.ch>,
David Miller <davem@...emloft.net>
Cc: netdev@...r.kernel.org, Laurent Fasnacht <fasnacht@...tonmail.ch>
Subject: Re: [PATCH net-next v2] net: core: enable SO_BINDTODEVICE for
non-root users
On 10/23/20 4:02 AM, Vincent Bernat wrote:
> ❦ 2 avril 2020 17:47 -07, David Miller:
>
>>> Currently, SO_BINDTODEVICE requires CAP_NET_RAW. This change allows a
>>> non-root user to bind a socket to an interface if it is not already
>>> bound.
>> ...
>>
>> Ok I'm convinced now, thanks for your patience.
>
> I've got some user feedback about this patch. I didn't think the patch
> would allow to circumvent routing policies on most common setups, but
> VPN may setup a default route with a lower metric and an application may
> (on purpose or by accident) use SO_BINDTODEVICE to circumvent the lower
> metric route:
>
> default via 10.81.0.1 dev tun0 proto static metric 50
> default via 192.168.122.1 dev enp1s0 proto dhcp metric 100
I thought we discussed this at the time you submitted your patch. That
was a known issue then, so nothing has really changed. Again, this patch
just brings equivalence to TCP for capabilities in UDP and raw sockets.
>
> I am wondering if we should revert the patch for 5.10 while we can,
> waiting for a better solution (and breaking people relying on the new
> behavior in 5.9).
>
> Then, I can propose a patch with a sysctl to avoid breaking existing
> setups.
>
I have not walked the details, but it seems like a security policy can
be installed to get the previous behavior.
Powered by blists - more mailing lists