On 09/25/2018 01:27 PM, Tong Zhang wrote:
> Kernel Version: 4.18.5
>
> Problem Description:
>
> search_binary_handler() should be called after setting bprm using
> prepare_binprm(), and in prepare_binprm(), there’s an LSM hook,
> security_bprm_set_creds(), which can make a decision that binfmt cares
> about. We found a leaking path in fs/binfmt_misc.c:235 that doesn’t ask
> for the LSM’s decision.

Do you mean the MISC_FMT_CREDENTIALS case? That looks intentional to me, as noted in the comment there, and as per Documentation/admin-guide/binfmt-misc.rst's discussion of the credentials flag.