Re: [PATCH 2/2] net: Implement SO_PASSCGROUP to enable passing cgroup path
From: Andy Lutomirski
Date: Thu Apr 17 2014 - 13:35:55 EST
On Thu, Apr 17, 2014 at 10:33 AM, Simo Sorce <ssorce@xxxxxxxxxx> wrote:
> On Thu, 2014-04-17 at 10:26 -0700, Andy Lutomirski wrote:
>>
>> Not really. write(2) can't send SCM_CGROUP. Callers of sendmsg(2)
>> who supply SCM_CGROUP are explicitly indicating that they want their
>> cgroup associated with that message. Callers of write(2) and send(2)
>> are simply indicating that they have some bytes that they want to
>> shove into whatever's at the other end of the fd.
>
> But there is no attack vector that passes by tricking setuid binaries to
> write to pre-opened file descriptors on sendmsg(), and for the other
> cases (connected socket) journald can always cross check with
> SO_PEERCGROUP, so why do we care again ?
Because the proposed code does not do what I described, at least as
far I as I can tell.
--Andy
--
Andy Lutomirski
AMA Capital Management, LLC
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/