Re: sys_chroot+sys_fchdir Fix

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

To: majkls <majkls@...>

Cc: <bunk@...>, <linux-kernel@...>

Date: Wednesday, September 19, 2007 - 5:40 am

On Wed, 19 Sep 2007 09:19:50 +0200
majkls <majkls@prepere.com> wrote:

quoted text> Hello,
> here is an fix to an exploit (obtained somewhere in internet). This 
> exploit can workaround chroot with CAP_SYS_CHROOT. It is also possible 
> (with sufficient filedescriptor (if there is na directory fd opened in 
> root) workaround chroot with sys_fchdir. This patch fixes it.


If you have the ability to use chroot() you are root. If you are root you
can walk happily out of any chroot by a thousand other means.

Alan
-
unsubscribe noticeTo unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:

sys_chroot+sys_fchdir Fix, majkls, (Wed Sep 19, 3:19 am)

Re: sys_chroot+sys_fchdir Fix, Alan Cox, (Wed Sep 19, 5:40 am)

Re: sys_chroot+sys_fchdir Fix, Bill Davidsen, (Wed Sep 19, 2:27 pm)

Re: sys_chroot+sys_fchdir Fix, Alan Cox, (Wed Sep 19, 2:45 pm)

Re: sys_chroot+sys_fchdir Fix, David Newall, (Wed Sep 19, 6:24 pm)

Re: sys_chroot+sys_fchdir Fix, Phillip Susi, (Fri Sep 21, 1:39 pm)

Re: sys_chroot+sys_fchdir Fix, Alan Cox, (Fri Sep 21, 2:10 pm)

Re: sys_chroot+sys_fchdir Fix, Phillip Susi, (Tue Sep 25, 4:53 pm)

Re: sys_chroot+sys_fchdir Fix, Al Viro, (Tue Sep 25, 8:23 pm)

Re: sys_chroot+sys_fchdir Fix, David Newall, (Wed Sep 26, 6:34 am)

Re: sys_chroot+sys_fchdir Fix, Christer Weinigel, (Wed Sep 26, 3:24 pm)

Re: sys_chroot+sys_fchdir Fix, David Newall, (Wed Sep 26, 5:19 pm)

Re: sys_chroot+sys_fchdir Fix, Christer Weinigel, (Thu Sep 27, 3:28 am)

Re: sys_chroot+sys_fchdir Fix, Theodore Tso, (Thu Sep 27, 7:23 am)

Re: sys_chroot+sys_fchdir Fix, Bill Davidsen, (Thu Sep 27, 10:36 am)

Re: sys_chroot+sys_fchdir Fix, David Newall, (Thu Sep 27, 9:06 pm)

Re: sys_chroot+sys_fchdir Fix, Adrian Bunk, (Wed Sep 26, 5:55 pm)

Re: sys_chroot+sys_fchdir Fix, David Newall, (Wed Sep 26, 7:35 pm)

Re: sys_chroot+sys_fchdir Fix, Adrian Bunk, (Wed Sep 26, 8:01 pm)

Re: sys_chroot+sys_fchdir Fix, David Newall, (Thu Sep 27, 2:42 am)

Re: sys_chroot+sys_fchdir Fix, Adrian Bunk, (Thu Sep 27, 2:53 am)

Re: sys_chroot+sys_fchdir Fix, Al Viro, (Wed Sep 26, 11:59 pm)

Re: sys_chroot+sys_fchdir Fix, Al Viro, (Wed Sep 26, 2:40 pm)

Re: sys_chroot+sys_fchdir Fix, Alan Cox, (Wed Sep 26, 7:21 am)

Re: sys_chroot+sys_fchdir Fix, David Newall, (Wed Sep 26, 7:22 am)

Re: sys_chroot+sys_fchdir Fix, Alan Cox, (Wed Sep 26, 7:38 am)

Re: sys_chroot+sys_fchdir Fix, David Newall, (Wed Sep 26, 7:56 am)

Re: sys_chroot+sys_fchdir Fix, Alan Cox, (Wed Sep 26, 10:10 am)

Re: sys_chroot+sys_fchdir Fix, David Newall, (Wed Sep 26, 12:54 pm)

Re: sys_chroot+sys_fchdir Fix, Alan Cox, (Wed Sep 26, 1:04 pm)

Re: sys_chroot+sys_fchdir Fix, David Newall, (Wed Sep 26, 1:18 pm)

Re: sys_chroot+sys_fchdir Fix, Alan Cox, (Wed Sep 26, 1:29 pm)

Re: sys_chroot+sys_fchdir Fix, David Newall, (Wed Sep 26, 1:28 pm)

Re: sys_chroot+sys_fchdir Fix, Chris Adams, (Wed Sep 26, 11:03 am)


linux-kernel:
debian developer	Re: Dual-Licensing Linux Kernel with GPL V2 and GPL V3
Greg KH	[GIT PATCH] driver core patches against 2.6.24
James Bottomley	Re: Integration of SCST in the mainstream Linux kernel
Tony Lindgren	[PATCH 75/90] ARM: OMAP: 243x: Add mappings for SDRC and SMS
git:

linux-netdev:
Antonio Almeida	HTB accuracy for high speed
Radu Rendec	htb parallelism on multi-core platforms
Christoph Lameter	Network latency regressions from 2.6.22 to 2.6.29
Linus Torvalds	Re: [GIT]: Networking
openbsd-misc:

Re: sys_chroot+sys_fchdir Fix

Online users