Re: Security issues with local filesystem caching

Ar Iau, 2006-10-26 am 01:32 +0100, ysgrifennodd Al Viro:
> to.  What about access to cache tree by root process that has nothing
> to do with that daemon?  Should it get free access to that stuff, regardless
> of what policy might say about access to cached files?  Or should we at
> least try to make sure that we have the instances in cache no more permissive
> than originals on NFS?

This is already the case however. Root has ptrace, people have /proc
access (even more than before because the chroot check was broken
recently), root has CAP_SYS_RAWIO.


-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

---

• References:
  • Security issues with local filesystem caching
    • From: David Howells <[email protected]>
  • Re: Security issues with local filesystem caching
    • From: Alan Cox <[email protected]>
  • Re: Security issues with local filesystem caching
    • From: Al Viro <[email protected]>

• Prev by Date: [PATCH 1/5] lock_cpu_hotplug:Redesign - Fix coding style issues in cpufreq.
• Next by Date: [PATCH 2/5] lock_cpu_hotplug:Redesign - remove lock_cpu_hotplug from hot-cpu_callback path in cpufreq.
• Previous by thread: Re: Security issues with local filesystem caching
• Next by thread: Re: Security issues with local filesystem caching
• Index(es):
  • Date
  • Thread

[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Stuff]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]     [Linux Resources]