Re: [fuse-devel] [PATCH v4 4/5] fuse: Support privileged xattrs only with a mount option

From: Andy Lutomirski
Date: Tue Oct 21 2014 - 17:45:15 EST


On Tue, Oct 21, 2014 at 2:34 PM, Michael j Theall <mtheall@xxxxxxxxxx> wrote:
> Andy Lutomirski <luto@xxxxxxxxxxxxxx> wrote on 10/21/2014 04:27:13 PM:
>> But how does this help with FUSE at all? Does FUSE end up calling
>> xattr_permission?
>>
>> --Andy
>>
>
> The xattr system calls go through xattr_permission before it ever gets to
> the FUSE ops.

But a malicious FUSE filesystem can just put those xattrs there by
fiat, the same way that my old FUSE-based sploit put a setuid root
copy of bash in the filesystem. No setxattr calls are needed.

--Andy
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/