mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-09-12 21:57:43 +00:00
Code Issues Releases Wiki Activity
linux-stable/net
History
Eric W. Biederman 5e4a08476b userns: Require CAP_SYS_ADMIN for most uses of setns. 
Andy Lutomirski <luto@amacapital.net> found a nasty little bug in
the permissions of setns.  With unprivileged user namespaces it
became possible to create new namespaces without privilege.

However the setns calls were relaxed to only require CAP_SYS_ADMIN in
the user nameapce of the targed namespace.

Which made the following nasty sequence possible.

pid = clone(CLONE_NEWUSER | CLONE_NEWNS);
if (pid == 0) { /* child */
	system("mount --bind /home/me/passwd /etc/passwd");
}
else if (pid != 0) { /* parent */
	char path[PATH_MAX];
	snprintf(path, sizeof(path), "/proc/%u/ns/mnt");
	fd = open(path, O_RDONLY);
	setns(fd, 0);
	system("su -");
}

Prevent this possibility by requiring CAP_SYS_ADMIN
in the current user namespace when joing all but the user namespace.

Acked-by: Serge Hallyn <serge.hallyn@canonical.com>
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
2012-12-14 16:12:03 -08:00
..
9p The following changes since commit 4cbe5a555f: 2012-10-12 09:59:23 +09:00
802
8021q vlan: allow to change type when no vlan device is hooked on netdev 2012-10-18 15:34:30 -04:00
appletalk userns: Print out socket uids in a user namespace aware fashion. 2012-08-14 21:48:06 -07:00
atm net🏧fix up ENOIOCTLCMD error handling 2012-08-31 16:14:33 -04:00
ax25 userns: Convert net/ax25 to use kuid_t where appropriate 2012-08-14 21:49:42 -07:00
batman-adv batman-adv: Fix potential broadcast BLA-duplicate-check race condition 2012-10-18 18:17:31 +02:00
bluetooth Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth 2012-10-15 14:34:23 -04:00
bridge bridge: Pull ip header into skb->data before looking into ip header. 2012-10-10 22:50:45 -04:00
caif caif: move the dereference below the NULL test 2012-09-10 16:13:31 -04:00
can sections: fix section conflicts in net/can 2012-10-06 03:04:45 +09:00
ceph Merge branch 'modules-next' of git://git.kernel.org/pub/scm/linux/kernel/git/rusty/linux 2012-10-14 13:39:34 -07:00
core userns: Require CAP_SYS_ADMIN for most uses of setns. 2012-12-14 16:12:03 -08:00
dcb netlink: Rename pid to portid to avoid confusion 2012-09-10 15:30:41 -04:00
dccp dccp: fix info leak via getsockopt(DCCP_SOCKOPT_CCID_TX_INFO) 2012-08-15 21:36:31 -07:00
decnet sections: fix section conflicts in net 2012-10-06 03:04:45 +09:00
dns_resolver Merge branch 'modules-next' of git://git.kernel.org/pub/scm/linux/kernel/git/rusty/linux 2012-10-14 13:39:34 -07:00
dsa workqueue: deprecate flush[_delayed]_work_sync() 2012-08-20 14:51:24 -07:00
ethernet ipx: move peII functions 2012-07-19 10:48:00 -07:00
ieee802154 net/ieee802154/6lowpan.c: Remove unecessary semicolon 2012-09-18 16:08:19 -04:00
ipv4 tcp: Reject invalid ack_seq to Fast Open sockets 2012-10-23 02:42:56 -04:00
ipv6 ipv6: Set default hoplimit as zero. 2012-10-24 23:14:17 -04:00
ipx userns: Print out socket uids in a user namespace aware fashion. 2012-08-14 21:48:06 -07:00
irda Merge 3.7-rc1 into tty-linus 2012-10-14 22:41:27 -07:00
iucv net: remove skb_orphan_try() 2012-06-15 15:30:15 -07:00
key net/key/af_key.c: add range checks on ->sadb_x_policy_len 2012-10-01 17:15:06 -04:00
l2tp Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2012-09-28 14:40:49 -04:00
lapb
llc Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace 2012-10-02 11:11:09 -07:00
mac80211 Merge branch 'for-john' of git://git.kernel.org/pub/scm/linux/kernel/git/jberg/mac80211 2012-10-17 16:23:33 -04:00
mac802154 mac802154: sparse warnings: make symbols static 2012-07-12 07:54:45 -07:00
netfilter netfilter: xt_TEE: don't use destination address found in header 2012-10-17 11:00:31 +02:00
netlabel Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2012-10-02 13:38:27 -07:00
netlink netlink: use kfree_rcu() in netlink_release() 2012-10-18 15:34:30 -04:00
netrom net: change return values from -EACCES to -EPERM 2012-09-21 13:58:08 -04:00
nfc Remove noisy printks from llcp_sock_connect 2012-10-04 15:58:47 -04:00
openvswitch net/openvswitch/vport.c: Remove unecessary semicolon 2012-09-18 16:08:19 -04:00
packet Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace 2012-10-02 11:11:09 -07:00
phonet netlink: Rename pid to portid to avoid confusion 2012-09-10 15:30:41 -04:00
rds RDS: fix rds-ping spinlock recursion 2012-10-09 13:57:23 -04:00
rfkill Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2012-10-02 13:38:27 -07:00
rose
rxrpc Merge branch 'modules-next' of git://git.kernel.org/pub/scm/linux/kernel/git/rusty/linux 2012-10-14 13:39:34 -07:00
sched Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2012-10-02 13:38:27 -07:00
sctp sctp: fix call to SCTP_CMD_PROCESS_SACK in sctp_cmd_interpreter() 2012-10-16 14:41:46 -04:00
sunrpc SUNRPC: Get rid of the xs_error_report socket callback 2012-10-24 10:46:15 -04:00
tipc tipc: prevent dropped connections due to rcvbuf overflow 2012-10-04 15:53:48 -04:00
unix af_unix: old_cred is surplus 2012-09-17 13:00:13 -04:00
wanrouter wanmain: comparing array with NULL 2012-07-24 13:55:21 -07:00
wimax
wireless cfg80211/mac80211: avoid state mishmash on deauth 2012-10-15 17:21:34 +02:00
x25 net: Fix (nearly-)kernel-doc comments for various functions 2012-07-10 23:13:45 -07:00
xfrm Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2012-10-02 13:38:27 -07:00
compat.c make get_file() return its argument 2012-09-26 21:10:25 -04:00
Kconfig net: Add INET dependency on aes crypto for the sake of TCP fastopen. 2012-09-04 14:20:14 -04:00
Makefile
nonet.c
socket.c Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2012-10-02 20:25:04 -07:00
sysctl_net.c