vsftpd not changing security context while dropping privileges

Hi,

I noticed vsftpd starts running with UID 0 and MLS s0. When a user
logs in, a new process is spawned (forked) from vsftpd and UID is
changed to match the user. The problem is that MLS stays in s0, so if
the user has a different MLS it will make everything fail. Starting
vsftpd with s0-s0:c0.c1023 would be an option, but will then bypass
per-user MLS security. So IMHO vsftpd should be patched to change
security context when forking a new process.

You can reproduce the problem by running:
# semanage user -m -r s0-s0:c0.c1023 user_u
# groupadd testing
# useradd -m -g testing -Z user_u testing
# semanage login -m -r s0:c3 testing
# chcon -R -l s0:c3 /home/testing
# /etc/init.d/vsftpd start
# lftp
open -u testing,password localhost
ls

Daniel Walsh said at https://bugzilla.redhat.com/show_bug.cgi?id=518569 :
Let's bring this up for discussion on the SELinux list.

There are two possibilities here. One is to just change the level on the
vsftpd process to run at the appropriate level of the user. The second would
be to change the type, in order to run as a type appropriate for the user, i.e.
with different privs than the vsftpd server.

--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
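
The level mismatch described in the message above, modelled as an added example (not part of the original post and not vsftpd or libselinux code). It assumes the policy requires the process's high level to dominate the file's level; the ftpd_t context and the s0:c5 level are constructed sample values.

```python
# Added illustration: a simplified model of SELinux MLS/MCS level dominance.
# Assumption: access needs the process's high level to dominate the file's
# level (the MCS-style check); a real policy's constraints may differ.

def parse_level(level):
    """'s0:c0.c3,c7' -> (0, frozenset({0, 1, 2, 3, 7}))"""
    sens, _, cats = level.partition(":")
    out = set()
    for part in filter(None, cats.split(",")):
        lo, _, hi = part.partition(".")          # 'c0.c3' is an inclusive span
        lo_n = int(lo[1:])
        hi_n = int(hi[1:]) if hi else lo_n
        out.update(range(lo_n, hi_n + 1))
    return int(sens[1:]), frozenset(out)

def parse_range(rng):
    """'s0-s0:c0.c1023' -> (low, high); a single level is both low and high."""
    low, _, high = rng.partition("-")
    return parse_level(low), parse_level(high or low)

def dominates(a, b):
    """a dominates b: sensitivity at least as high and categories a superset."""
    return a[0] >= b[0] and a[1] >= b[1]

def can_access(process_range, file_level):
    _, high = parse_range(process_range)
    return dominates(high, parse_range(file_level)[1])

def with_range(context, new_range):
    """Replace the MLS field of 'user:role:type:range' (what a setcon() call
    in the forked child would have to request before serving the user)."""
    user, role, typ, _ = context.split(":", 3)
    return ":".join((user, role, typ, new_range))

if __name__ == "__main__":
    HOME = "s0:c3"                               # from: chcon -R -l s0:c3 /home/testing
    daemon = "system_u:system_r:ftpd_t:s0"       # constructed sample context
    for rng in ("s0", "s0-s0:c0.c1023", "s0:c3"):
        ctx = with_range(daemon, rng)
        print(f"{ctx:45} /home/testing: {can_access(rng, HOME)}"
              f"  other user's s0:c5 files: {can_access(rng, 's0:c5')}")
```

Only the third case, where the child takes the user's own level, reaches /home/testing while staying out of files labelled with another category.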
