Re: [PATCH 0/6] File Sealing & memfd_create()

From: David Herrmann
Date: Thu Apr 10 2014 - 19:16:13 EST

Next message: Shuah Khan: "Re: hpsa driver bug crack kernel down!"
Previous message: Andy Lutomirski: "Re: [PATCH 0/6] File Sealing & memfd_create()"
In reply to: Andy Lutomirski: "Re: [PATCH 0/6] File Sealing & memfd_create()"
Next in thread: Andy Lutomirski: "Re: [PATCH 0/6] File Sealing & memfd_create()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi

On Fri, Apr 11, 2014 at 1:05 AM, Andy Lutomirski <luto@xxxxxxxxxxxxxx> wrote:
> /proc/pid/fd is a really weird corner case in which the mode of an
> inode that doesn't have a name matters. I suspect that almost no one
> will ever want to open one of these things out of /proc/self/fd, and
> those who do should be made to think about it.

I'm arguing in the context of memfd, and there's no security leak if
people get access to the underlying inode (at least I'm not aware of
any). As I said, context information is attached to the inode, not
file context, so I'm fine if people want to open multiple file
contexts via /proc. If someone wants to forbid open(), I want to hear
_why_. I assume the memfd object has uid==uid-of-creator and
mode==(777 & ~umask) (which usually results in X00, so no access for
non-owners). I cannot see how /proc is a security issue here.

Thanks
David
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Shuah Khan: "Re: hpsa driver bug crack kernel down!"
Previous message: Andy Lutomirski: "Re: [PATCH 0/6] File Sealing & memfd_create()"
In reply to: Andy Lutomirski: "Re: [PATCH 0/6] File Sealing & memfd_create()"
Next in thread: Andy Lutomirski: "Re: [PATCH 0/6] File Sealing & memfd_create()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]