Re: [RCF] [PATCH] unprivileged mount/umount

> > >  	dentry = file->f_dentry;
> > >  	mnt = file->f_vfsmnt;
> > >  	inode = dentry->d_inode;
> > > +	if(mnt->mnt_namespace != current->namespace)
> > > +		goto out_putf;
> > >  
> > >  	error = -ENOTDIR;
> > >  	if (!S_ISDIR(inode->i_mode))
> > > 
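Review bot: the added check `if(mnt->mnt_namespace != current->namespace)` jumps to `out_putf` without assigning `error`, whereas the test right below it sets `error = -ENOTDIR` before branching, so a namespace mismatch returns whatever value `error` happened to hold on entry to this point. Assign an explicit errno ahead of the new check, following the pattern of the lines after it, and add a one-line comment saying why a descriptor whose mount belongs to another namespace is refused. Style: kernel coding style wants a space after `if`, and generating the diff with `-p` would show which function this hunk touches.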
> > 
> > Does this actually fix the problem?  The open is done in the right
> > namespace, and mount() doesn't call open().
> 
> Right but this fix disallows fchdir into a directory belonging to
> a different namespace.  And hence would disallow the ability to
> cross mount across namespaces.

Ahh, sorry.  I thought that check was in open(), but I see now it's in
fchdir().  Next time please use '-p' option of diff, to avoid
confusing thoughtless readers like me :)

Though your patch does fix the bug, I still think it's wrong, since
mounting from a different namespace has legitimate uses, and is not a
security problem.

Miklos