linux-mm.kvack.org archive mirror
 help / color / mirror / Atom feed
From: Andy Lutomirski <luto@amacapital.net>
To: Michael Kerrisk <mtk.manpages@gmail.com>
Cc: Andy Lutomirski <luto@kernel.org>,
	"security@kernel.org" <security@kernel.org>,
	Konstantin Khlebnikov <koct9i@gmail.com>,
	Alexander Viro <viro@zeniv.linux.org.uk>,
	Kees Cook <keescook@chromium.org>, Willy Tarreau <w@1wt.eu>,
	"linux-mm@kvack.org" <linux-mm@kvack.org>,
	Andrew Morton <akpm@linux-foundation.org>,
	yalin wang <yalin.wang2010@gmail.com>,
	Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
	Jan Kara <jack@suse.cz>,
	Linux FS Devel <linux-fsdevel@vger.kernel.org>,
	Frank Filz <ffilzlnx@mindspring.com>,
	Linux API <linux-api@vger.kernel.org>
Subject: Re: [PATCH v2 0/2] setgid hardening
Date: Mon, 30 Jan 2017 19:56:04 -0800	[thread overview]
Message-ID: <CALCETrUuR-ZkvEs0_5aN4yyyR34jYcJj7-_VjOv4nJWu6fvOjA@mail.gmail.com> (raw)
In-Reply-To: <CAHO5Pa21FTT9ZRiYbAQ43=Zd+qwP4KXgCbs+40iQ3cV_LPSR3Q@mail.gmail.com>

On Mon, Jan 30, 2017 at 7:49 PM, Michael Kerrisk <mtk.manpages@gmail.com> wrote:
> [CC += linux-api@]
>
> Andy, this is an API change!

Indeed.  I should be ashamed of myself!

>
> On Sat, Jan 28, 2017 at 3:49 PM, Andy Lutomirski <luto@kernel.org> wrote:
>> The kernel has some dangerous behavior involving the creation and
>> modification of setgid executables.  These issues aren't kernel
>> security bugs per se, but they have been used to turn various
>> filesystem permission oddities into reliably privilege escalation
>> exploits.
>>
>> See http://www.halfdog.net/Security/2015/SetgidDirectoryPrivilegeEscalation/
>> for a nice writeup.
>>
>> Let's fix them for real.
>>
>> Changes from v1:
>>  - Fix uninitialized variable issue (Willy, Ben)
>>  - Also check current creds in should_remove_suid() (Ben)
>>
>> Andy Lutomirski (2):
>>   fs: Check f_cred as well as of current's creds in should_remove_suid()
>>   fs: Harden against open(..., O_CREAT, 02777) in a setgid directory
>>
>>  fs/inode.c         | 61 ++++++++++++++++++++++++++++++++++++++++++++++--------
>>  fs/internal.h      |  2 +-
>>  fs/ocfs2/file.c    |  4 ++--
>>  fs/open.c          |  2 +-
>>  include/linux/fs.h |  2 +-
>>  5 files changed, 57 insertions(+), 14 deletions(-)
>>
>> --
>> 2.9.3
>>
>> --
>> To unsubscribe, send a message with 'unsubscribe linux-mm' in
>> the body to majordomo@kvack.org.  For more info on Linux MM,
>> see: http://www.linux-mm.org/ .
>> Don't email: <a href=mailto:"dont@kvack.org"> email@kvack.org </a>
>
>
>
> --
> Michael Kerrisk Linux man-pages maintainer;
> http://www.kernel.org/doc/man-pages/
> Author of "The Linux Programming Interface", http://blog.man7.org/



-- 
Andy Lutomirski
AMA Capital Management, LLC

--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@kvack.org.  For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"dont@kvack.org"> email@kvack.org </a>

      reply	other threads:[~2017-01-31  3:56 UTC|newest]

Thread overview: 10+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2017-01-28  2:49 Andy Lutomirski
2017-01-28  2:49 ` [PATCH v2 1/2] fs: Check f_cred as well as of current's creds in should_remove_suid() Andy Lutomirski
2017-01-31  3:50   ` Michael Kerrisk
2017-01-31 11:43   ` Jeff Layton
2017-01-28  2:49 ` [PATCH v2 2/2] fs: Harden against open(..., O_CREAT, 02777) in a setgid directory Andy Lutomirski
2017-01-31  3:50   ` Michael Kerrisk
2017-01-31 11:43   ` Jeff Layton
2017-01-31 16:51     ` Andy Lutomirski
2017-01-31  3:49 ` [PATCH v2 0/2] setgid hardening Michael Kerrisk
2017-01-31  3:56   ` Andy Lutomirski [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=CALCETrUuR-ZkvEs0_5aN4yyyR34jYcJj7-_VjOv4nJWu6fvOjA@mail.gmail.com \
    --to=luto@amacapital.net \
    --cc=akpm@linux-foundation.org \
    --cc=ffilzlnx@mindspring.com \
    --cc=jack@suse.cz \
    --cc=keescook@chromium.org \
    --cc=koct9i@gmail.com \
    --cc=linux-api@vger.kernel.org \
    --cc=linux-fsdevel@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-mm@kvack.org \
    --cc=luto@kernel.org \
    --cc=mtk.manpages@gmail.com \
    --cc=security@kernel.org \
    --cc=viro@zeniv.linux.org.uk \
    --cc=w@1wt.eu \
    --cc=yalin.wang2010@gmail.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox