Re: RFC: disablenetwork facility. (v4)

From: Alan Cox
Date: Tue Dec 29 2009 - 16:10:50 EST

Next message: Bryan Donlan: "Re: RFC: disablenetwork facility. (v4)"
Previous message: Meelis Roos: "Re: [Bug #14909] pata_cmd64x broken in 2.6.33-rc1"
In reply to: Bryan Donlan: "Re: RFC: disablenetwork facility. (v4)"
Next in thread: Bryan Donlan: "Re: RFC: disablenetwork facility. (v4)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> > Execute != read. The executable file may contain secrets which must not
> > be available to the user running the setuid program. If you fail the
> > setuid, the user will be able to ptrace() and then the secret is
> > revealed.
> >
> > It's amazing how many security holes appear from what seems like a very
> > simple request.
>
> Do we have a security hole in nosuid mount option?
> Can someone write a patch to fix it?

If a setuid app can read a key when its erroneously not set setuid then
the user can read it too.

Anything you can do with ptrace you can do yourself !
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Bryan Donlan: "Re: RFC: disablenetwork facility. (v4)"
Previous message: Meelis Roos: "Re: [Bug #14909] pata_cmd64x broken in 2.6.33-rc1"
In reply to: Bryan Donlan: "Re: RFC: disablenetwork facility. (v4)"
Next in thread: Bryan Donlan: "Re: RFC: disablenetwork facility. (v4)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]