Re: [PATCH 0/3] Taming execve, setuid, and LSMs

From: Andrew Lutomirski
Date: Tue Apr 20 2010 - 11:17:37 EST

Next message: Don Zickus: "[PATCH 6/6] [x86] watchdog: cleanup hw_nmi.c cruft"
Previous message: Avi Kivity: "Re: [PATCH 1/5] Add a global synchronization point for pvclock"
In reply to: Serge E. Hallyn: "Re: [PATCH 0/3] Taming execve, setuid, and LSMs"
Next in thread: Andrew Lutomirski: "Re: [PATCH 0/3] Taming execve, setuid, and LSMs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Apr 20, 2010 at 10:35 AM, Serge E. Hallyn <serue@xxxxxxxxxx> wrote:
>>
>> True, but I think it's still asking for trouble -- other LSMs could
>> (and almost certainly will, especially the out-of-tree ones) do
>> something, and I think that any action at all that an LSM takes in the
>> bprm_set_creds hook for a nosuid (or whatever it's called) process is
>> wrong or at best misguided.
>
> I could be wrong, but I think the point is that your reasoning is
> correct, and that the same reasoning must apply if we're just
> executing a file out of an fs which has been mounted with '-o nosuid'.

I tend to agree, except that only root can set nosuid (presumably) and
making that change will change existing behavior. Is that a problem?

--Andy
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Don Zickus: "[PATCH 6/6] [x86] watchdog: cleanup hw_nmi.c cruft"
Previous message: Avi Kivity: "Re: [PATCH 1/5] Add a global synchronization point for pvclock"
In reply to: Serge E. Hallyn: "Re: [PATCH 0/3] Taming execve, setuid, and LSMs"
Next in thread: Andrew Lutomirski: "Re: [PATCH 0/3] Taming execve, setuid, and LSMs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]