Re: [RFC, PATCH] fix SEM_UNDO with namespaces

From: Manfred Spraul
Date: Thu Apr 03 2008 - 15:32:25 EST


Andrew Morton wrote:

> Absolutely.
>
> Guys, what's the status here?
>
> afaict Manfred has identified an available-to-unprivileged-apps kernel
> memory corrupter? If so, we should fix it asap for 2.6.25. And for
> 2.6.24.x if it's also present there.

No, it's a privileged-only memory corruption:
int unshare_nsproxy_namespaces(unsigned long unshare_flags,
		struct nsproxy **new_nsp, struct fs_struct *new_fs)
{
	int err = 0;
[snip]
	if (!capable(CAP_SYS_ADMIN))
		return -EPERM;

> Manfred's patch doesn't come close to applying against the 2.6.26 IPC
> things which we have queued but that's OK - bugfixes come first.

Where can I find the queued changes? Are they in -mm?

--
Manfred