sys_chroot+sys_fchdir Fix

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

To: <bunk@...>

Cc: <linux-kernel@...>

Date: Wednesday, September 19, 2007 - 3:19 am

Hello,
here is an fix to an exploit (obtained somewhere in internet). This 
exploit can workaround chroot with CAP_SYS_CHROOT. It is also possible 
(with sufficient filedescriptor (if there is na directory fd opened in 
root) workaround chroot with sys_fchdir. This patch fixes it.

Miloslav Semler

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:

sys_chroot+sys_fchdir Fix, majkls, (Wed Sep 19, 3:19 am)

Re: sys_chroot+sys_fchdir Fix, Alan Cox, (Wed Sep 19, 5:40 am)

Re: sys_chroot+sys_fchdir Fix, Bill Davidsen, (Wed Sep 19, 2:27 pm)

Re: sys_chroot+sys_fchdir Fix, Alan Cox, (Wed Sep 19, 2:45 pm)

Re: sys_chroot+sys_fchdir Fix, David Newall, (Wed Sep 19, 6:24 pm)

Re: sys_chroot+sys_fchdir Fix, Phillip Susi, (Fri Sep 21, 1:39 pm)

Re: sys_chroot+sys_fchdir Fix, Alan Cox, (Fri Sep 21, 2:10 pm)

Re: sys_chroot+sys_fchdir Fix, Phillip Susi, (Tue Sep 25, 4:53 pm)

Re: sys_chroot+sys_fchdir Fix, Al Viro, (Tue Sep 25, 8:23 pm)

Re: sys_chroot+sys_fchdir Fix, David Newall, (Wed Sep 26, 6:34 am)

Re: sys_chroot+sys_fchdir Fix, Christer Weinigel, (Wed Sep 26, 3:24 pm)

Re: sys_chroot+sys_fchdir Fix, David Newall, (Wed Sep 26, 5:19 pm)

Re: sys_chroot+sys_fchdir Fix, Christer Weinigel, (Thu Sep 27, 3:28 am)

Re: sys_chroot+sys_fchdir Fix, Theodore Tso, (Thu Sep 27, 7:23 am)

Re: sys_chroot+sys_fchdir Fix, Bill Davidsen, (Thu Sep 27, 10:36 am)

Re: sys_chroot+sys_fchdir Fix, David Newall, (Thu Sep 27, 9:06 pm)

Re: sys_chroot+sys_fchdir Fix, Adrian Bunk, (Wed Sep 26, 5:55 pm)

Re: sys_chroot+sys_fchdir Fix, David Newall, (Wed Sep 26, 7:35 pm)

Re: sys_chroot+sys_fchdir Fix, Adrian Bunk, (Wed Sep 26, 8:01 pm)

Re: sys_chroot+sys_fchdir Fix, David Newall, (Thu Sep 27, 2:42 am)

Re: sys_chroot+sys_fchdir Fix, Adrian Bunk, (Thu Sep 27, 2:53 am)

Re: sys_chroot+sys_fchdir Fix, Al Viro, (Wed Sep 26, 11:59 pm)

Re: sys_chroot+sys_fchdir Fix, Al Viro, (Wed Sep 26, 2:40 pm)

Re: sys_chroot+sys_fchdir Fix, Alan Cox, (Wed Sep 26, 7:21 am)

Re: sys_chroot+sys_fchdir Fix, David Newall, (Wed Sep 26, 7:22 am)

Re: sys_chroot+sys_fchdir Fix, Alan Cox, (Wed Sep 26, 7:38 am)

Re: sys_chroot+sys_fchdir Fix, David Newall, (Wed Sep 26, 7:56 am)

Re: sys_chroot+sys_fchdir Fix, Alan Cox, (Wed Sep 26, 10:10 am)

Re: sys_chroot+sys_fchdir Fix, David Newall, (Wed Sep 26, 12:54 pm)

Re: sys_chroot+sys_fchdir Fix, Alan Cox, (Wed Sep 26, 1:04 pm)

Re: sys_chroot+sys_fchdir Fix, David Newall, (Wed Sep 26, 1:18 pm)

Re: sys_chroot+sys_fchdir Fix, Alan Cox, (Wed Sep 26, 1:29 pm)

Re: sys_chroot+sys_fchdir Fix, David Newall, (Wed Sep 26, 1:28 pm)

Re: sys_chroot+sys_fchdir Fix, Chris Adams, (Wed Sep 26, 11:03 am)


linux-kernel:
Ingo Molnar	Re: x86: 4kstacks default
Gabriel C	modpost errors ( Re: 2.6.23-rc6-mm1)
Bart Van Assche	Integration of SCST in the mainstream Linux kernel
Press, Jonathan	RE: [malware-list] [RFC 0/5] [TALPA] Intro to a linux interface foron access scann...
git:

linux-netdev:
David Miller	Re: iptables very slow after commit784544739a25c30637397ace5489eeb6e15d7d49
Natalie Protasevich	[BUG] New Kernel Bugs
Jarek Poplawski	[PATCH] pkt_sched: Destroy gen estimators under rtnl_lock().
Gerrit Renker	[PATCH 13/37] dccp: Deprecate Ack Ratio sysctl
openbsd-misc:

sys_chroot+sys_fchdir Fix

Online users