Re: [PATCH review 2/4] vfs: Test for and handle paths that are unreachable from their mnt_root

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, Apr 08, 2015 at 06:32:58PM -0500, Eric W. Biederman wrote:
> 
> - Add a dentry flag DCACHE_MOUNT_VIOLATED to mark loopback mounts that
>   have had a dentry moved into a directory that does not descend from
>   the mount root dentry.
> 
> - In mnt_put_root clear DCACHE_MOUNT_VIOLATED.
> 
> - Add a function path_connected to verify a path.dentry is reachable from
>   path.mnt.mnt_root.  AKA rename did not do something nasty to the bind mount.
> 
> - Disable ".." when a path is not connected during lookup.
>   (Maybe we want to stop ".." at this path instead?)
> 
>   Following .. is not disabled after a transition to /
>   and is never disabled when / is the directory we start
>   with.   Because we already limit .. no higher than /

IDGI.  Am I missing something, or you really only set that flag in the
beginning of the pathwalk?  At the bare minimum, you want to treat
nd_jump_link() the same way, or your protection is trivially defeated by
using /proc/self/cwd/$PATHNAME instead of $PATHNAME...
--
To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html




[Index of Archives]     [Linux Ext4 Filesystem]     [Union Filesystem]     [Filesystem Testing]     [Ceph Users]     [Ecryptfs]     [AutoFS]     [Kernel Newbies]     [Share Photos]     [Security]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux Cachefs]     [Reiser Filesystem]     [Linux RAID]     [Samba]     [Device Mapper]     [CEPH Development]
  Powered by Linux