Re: RFC: disablenetwork facility. (v4)

From: Alan Cox
Date: Tue Dec 29 2009 - 16:33:56 EST


> The security hole is that secrets in a setuid application with
> other-exec but no other-read permission can be read when the
> filesystem is mounted nosuid.

Erm no

We enforce the following anyway to prevent execution being permitted to
make file copies. Most Unixen do although its historical value is
primarily to prevent people "stealing valuable proprietary intellectual
software assets".


	} else if (file_permission(bprm->file, MAY_READ) ||
			bprm->interp_flags & BINPRM_FLAGS_ENFORCE_NONDUMP)
	{
		set_dumpable(current->mm, suid_dumpable);
	}

There does appear to be a small race in modern versions of that code
which wants swatting.

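Added example, not part of the original message or of the kernel source: a user-space self-check for the behaviour described above, reporting whether a binary is executable but unreadable for the caller and what the process's dumpable flag and fs.suid_dumpable are. The helper names are hypothetical, and the faccessat() test only approximates the kernel's file_permission() check (it is an assumption that the two agree for ordinary mode-bit permissions).

```c
#define _GNU_SOURCE
#include <fcntl.h>
#include <stdio.h>
#include <sys/prctl.h>
#include <unistd.h>

/* 1 if the caller's effective IDs may execute `path` but not read it.
 * Assumption: this user-space test approximates the case in which the
 * quoted branch's file_permission(..., MAY_READ) check fails. */
int exec_without_read(const char *path)
{
    if (faccessat(AT_FDCWD, path, X_OK, AT_EACCESS) != 0)
        return 0;                       /* not executable (or missing) */
    return faccessat(AT_FDCWD, path, R_OK, AT_EACCESS) != 0;
}

/* Dumpable flag of the calling process (0, 1 or 2), or -1 on error. */
int current_dumpable(void)
{
    return prctl(PR_GET_DUMPABLE, 0, 0, 0, 0);
}

/* System-wide fs.suid_dumpable value, or -1 if it cannot be read. */
int read_suid_dumpable(void)
{
    int v = -1;
    FILE *f = fopen("/proc/sys/fs/suid_dumpable", "r");
    if (!f)
        return -1;
    if (fscanf(f, "%d", &v) != 1)
        v = -1;
    fclose(f);
    return v;
}

int main(int argc, char **argv)
{
    /* With no argument, inspect the binary this process was exec'd from. */
    const char *path = argc > 1 ? argv[1] : "/proc/self/exe";
    int noread = exec_without_read(path);

    printf("%s: exec-without-read=%d\n", path, noread);
    printf("this process: dumpable=%d, fs.suid_dumpable=%d\n",
           current_dumpable(), read_suid_dumpable());
    if (argc == 1 && noread && current_dumpable() == 1)
        printf("warning: exec-only binary but process is dumpable\n");
    return 0;
}
```

Run it with no argument from a copy of the binary that has execute but no read permission for the invoking (non-root) user to see the flag the kernel left on the process.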