Re: [RFC][PATCH 10/11] security: AppArmor - Add flags to d_path

From: Alan Cox
Date: Mon Apr 24 2006 - 08:55:19 EST

Next message: Serge E. Hallyn: "Re: Time to remove LSM (was Re: [RESEND][RFC][PATCH 2/7] implementation of LSM hooks)"
Previous message: Arjan van de Ven: "Re: Time to remove LSM (was Re: [RESEND][RFC][PATCH 2/7]implementation of LSM hooks)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mer, 2006-04-19 at 22:36 -0700, Tony Jones wrote:
> "system root". When a task chroots relative to it's current namespace, we
> are interested in the path back to the root of that namespace, rather than
> to the chroot. I believe the patch as stands achieves this, albeit with
> some changing of comments.

If the directory the task is in has been deleted then what is its path
relative to the namespace ? This isn't theoretical because if your
security profiles work on the basis of this path but do not prevent the
deletion of the current directory or some node above it (or doing
mkdir/chdir/rmdir sequences) an app may be able to subvert it by doing
this deliberately.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Serge E. Hallyn: "Re: Time to remove LSM (was Re: [RESEND][RFC][PATCH 2/7] implementation of LSM hooks)"
Previous message: Arjan van de Ven: "Re: Time to remove LSM (was Re: [RESEND][RFC][PATCH 2/7]implementation of LSM hooks)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]