Re: [PATCH v9 05/10] namei: O_BENEATH-style path resolution flags
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- To: Aleksa Sarai <cyphar@xxxxxxxxxx>
- Subject: Re: [PATCH v9 05/10] namei: O_BENEATH-style path resolution flags
- From: Al Viro <viro@xxxxxxxxxxxxxxxxxx>
- Date: Sun, 14 Jul 2019 15:36:23 +0100
- Cc: Jeff Layton <jlayton@xxxxxxxxxx>, "J. Bruce Fields" <bfields@xxxxxxxxxxxx>, Arnd Bergmann <arnd@xxxxxxxx>, David Howells <dhowells@xxxxxxxxxx>, Shuah Khan <shuah@xxxxxxxxxx>, Shuah Khan <skhan@xxxxxxxxxxxxxxxxxxx>, Christian Brauner <christian@xxxxxxxxxx>, David Drysdale <drysdale@xxxxxxxxxx>, Andy Lutomirski <luto@xxxxxxxxxx>, Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>, Eric Biederman <ebiederm@xxxxxxxxxxxx>, Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>, Alexei Starovoitov <ast@xxxxxxxxxx>, Kees Cook <keescook@xxxxxxxxxxxx>, Jann Horn <jannh@xxxxxxxxxx>, Tycho Andersen <tycho@xxxxxxxx>, Chanho Min <chanho.min@xxxxxxx>, Oleg Nesterov <oleg@xxxxxxxxxx>, Aleksa Sarai <asarai@xxxxxxx>, containers@xxxxxxxxxxxxxxxxxxxxxxxxxx, linux-alpha@xxxxxxxxxxxxxxx, linux-api@xxxxxxxxxxxxxxx, linux-arch@xxxxxxxxxxxxxxx, linux-arm-kernel@xxxxxxxxxxxxxxxxxxx, linux-fsdevel@xxxxxxxxxxxxxxx, linux-ia64@xxxxxxxxxxxxxxx, linux-kernel@xxxxxxxxxxxxxxx, linux-kselftest@xxxxxxxxxxxxxxx, linux-m68k@xxxxxxxxxxxxxxx, linux-mips@xxxxxxxxxxxxxxx, linux-parisc@xxxxxxxxxxxxxxx, linuxppc-dev@xxxxxxxxxxxxxxxx, linux-s390@xxxxxxxxxxxxxxx, linux-sh@xxxxxxxxxxxxxxx, linux-xtensa@xxxxxxxxxxxxxxxx, sparclinux@xxxxxxxxxxxxxxx
- In-reply-to: <20190714070029.m53etvm3y4etidxt@yavin>
- References: <20190706145737.5299-1-cyphar@cyphar.com> <20190706145737.5299-6-cyphar@cyphar.com> <20190712043341.GI17978@ZenIV.linux.org.uk> <20190712105745.nruaftgeat6irhzr@yavin> <20190712123924.GK17978@ZenIV.linux.org.uk> <20190712125552.GL17978@ZenIV.linux.org.uk> <20190712132553.GN17978@ZenIV.linux.org.uk> <20190712150026.GO17978@ZenIV.linux.org.uk> <20190713024153.GA3817@ZenIV.linux.org.uk> <20190714070029.m53etvm3y4etidxt@yavin>
- User-agent: Mutt/1.11.3 (2019-02-01)
On Sun, Jul 14, 2019 at 05:00:29PM +1000, Aleksa Sarai wrote:
> The basic property being guaranteed by LOOKUP_IN_ROOT is that it will
> not result in resolution of a path component which was not inside the
> root of the dirfd tree at some point during resolution (and that all
> absolute symlink and ".." resolution will be done relative to the
> dirfd). This may smell slightly of chroot(2), because unfortunately it
> is a similar concept -- the reason for this is to allow for a more
> efficient way to safely resolve paths inside a rootfs than spawning a
> separate process to then pass back the fd to the caller.
IDGI... If attacker can modify your subtree, you have already lost -
after all, they can make anything appear inside that tree just before
your syscall is made and bring it back out immediately afterwards.
And if they can't, what is the race you are trying to protect against?
Confused...
[Index of Archives]
[Linux Kernel]
[Sparc Linux]
[DCCP]
[Linux ARM]
[Yosemite News]
[Linux SCSI]
[Linux x86_64]
[Linux for Ham Radio]
