Re: RFC: disablenetwork facility. (v4)

From: Eric W. Biederman
Date: Tue Dec 29 2009 - 15:41:24 EST

Next message: Michael Breuer: "Re: sky2 panic in 2.6.32.1 under load (new oops)"
Previous message: Felipe Balbi: "Re: [PATCH] OMAP2: add USB platform data and initialization forNokia N800 and N810"
In reply to: Benny Amorsen: "Re: RFC: disablenetwork facility. (v4)"
Next in thread: Bryan Donlan: "Re: RFC: disablenetwork facility. (v4)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Benny Amorsen <benny+usenet@xxxxxxxxxx> writes:

> Bryan Donlan <bdonlan@xxxxxxxxx> writes:
>
>> I, for one, think it would be best to handle it exactly like the
>> nosuid mount option - that is, pretend the file doesn't have any
>> setuid bits set. There's no reason to deny execution; if the process
>> would otherwise be able to execute it, it can also copy the file to
>> make a non-suid version and execute that instead.
>
> Execute != read. The executable file may contain secrets which must not
> be available to the user running the setuid program. If you fail the
> setuid, the user will be able to ptrace() and then the secret is
> revealed.
>
> It's amazing how many security holes appear from what seems like a very
> simple request.

Do we have a security hole in nosuid mount option?
Can someone write a patch to fix it?

Eric
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Michael Breuer: "Re: sky2 panic in 2.6.32.1 under load (new oops)"
Previous message: Felipe Balbi: "Re: [PATCH] OMAP2: add USB platform data and initialization forNokia N800 and N810"
In reply to: Benny Amorsen: "Re: RFC: disablenetwork facility. (v4)"
Next in thread: Bryan Donlan: "Re: RFC: disablenetwork facility. (v4)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]