Re: NFS4 authentification / fsuid

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

From: Trond Myklebust

Subject: Re: NFS4 authentification / fsuid

Date: Thursday, September 6, 2007 - 4:32 pm

On Fri, 2007-09-07 at 01:21 +0200, Trond Myklebust wrote:
quoted text> On Thu, 2007-09-06 at 11:11 -0400, J. Bruce Fields wrote:
> > On Thu, Sep 06, 2007 at 01:59:50PM +0530, Satyam Sharma wrote:
> > > Oh and btw, note that we're talking of the (lack of) security of a
> > > "running kernel" here -- because across reboots, there is /really/
> > > *absolutely* no such thing as "kernelspace security" because the superuser
> > > will simply switch the vmlinuz itself ...
> > 
> > Well, the machine could be booting from cdrom, and could live in a
> > locked machine room.  Or people with root on a virtual host don't
> > necessarily have the ability to replace the kernel for that host.
> 
> mount -t tmpfs none /my_tmpfs
> cd /my_tmpfs
> cp -a /bin bin
> cp -p my_keylogging_pam_module.so lib
> pivot_root . /old-root

Sorry. Of course, you have to copy the entire /lib, etc. onto the tmpfs,
but you get the gist....

The point is that it is easy to subvert userspace if you have enough
privileges. In the above example it may not be entirely undetectable,
but who here is running a script on every login to check that / is
indeed uncompromised?

Trond

-
unsubscribe noticeTo unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:

NFS4 authentification / fsuid, Jan Engelhardt, (Thu Aug 30, 7:12 am)

Re: NFS4 authentification / fsuid, Trond Myklebust, (Thu Aug 30, 7:29 am)

Re: NFS4 authentification / fsuid, Trond Myklebust, (Thu Aug 30, 7:32 am)

Re: NFS4 authentification / fsuid, Jan Engelhardt, (Thu Aug 30, 7:42 am)

Re: NFS4 authentification / fsuid, Trond Myklebust, (Thu Aug 30, 8:04 am)

Re: NFS4 authentification / fsuid, J. Bruce Fields, (Thu Aug 30, 8:12 am)

Re: NFS4 authentification / fsuid, J. Bruce Fields, (Thu Aug 30, 2:44 pm)

Re: NFS4 authentification / fsuid, Satyam Sharma, (Thu Sep 6, 1:14 am)

Re: NFS4 authentification / fsuid, Satyam Sharma, (Thu Sep 6, 1:29 am)

Re: NFS4 authentification / fsuid, J. Bruce Fields, (Thu Sep 6, 8:06 am)

Re: NFS4 authentification / fsuid, J. Bruce Fields, (Thu Sep 6, 8:11 am)

Re: NFS4 authentification / fsuid, Trond Myklebust, (Thu Sep 6, 4:21 pm)

Re: NFS4 authentification / fsuid, Kyle Moffett, (Thu Sep 6, 4:30 pm)

Re: NFS4 authentification / fsuid, Trond Myklebust, (Thu Sep 6, 4:32 pm)

Re: NFS4 authentification / fsuid, Trond Myklebust, (Thu Sep 6, 4:35 pm)

Re: NFS4 authentification / fsuid, Kyle Moffett, (Thu Sep 6, 5:56 pm)

Re: NFS4 authentification / fsuid, Trond Myklebust, (Thu Sep 6, 10:14 pm)

Re: NFS4 authentification / fsuid, Kyle Moffett, (Thu Sep 6, 10:47 pm)

Re: NFS4 authentification / fsuid, Bernd Eckenfels, (Thu Sep 6, 11:37 pm)

Re: NFS4 authentification / fsuid, J. Bruce Fields, (Fri Sep 7, 8:34 am)

Re: NFS4 authentification / fsuid, Satyam Sharma, (Tue Sep 18, 4:12 pm)

Re: NFS4 authentification / fsuid, Satyam Sharma, (Tue Sep 18, 4:27 pm)

Re: NFS4 authentification / fsuid, Satyam Sharma, (Tue Sep 18, 4:44 pm)

Re: NFS4 authentification / fsuid, Satyam Sharma, (Tue Sep 18, 4:48 pm)

Re: NFS4 authentification / fsuid, Kyle Moffett, (Tue Sep 18, 10:16 pm)

Re: NFS4 authentification / fsuid, Satyam Sharma, (Wed Sep 19, 5:16 am)

Re: NFS4 authentification / fsuid, Kyle Moffett, (Wed Sep 19, 6:49 am)

Re: NFS4 authentification / fsuid, Satyam Sharma, (Wed Sep 19, 7:12 am)

Re: NFS4 authentification / fsuid, J. Bruce Fields, (Wed Sep 19, 8:01 am)

Re: NFS4 authentification / fsuid, Valdis.Kletnieks, (Wed Sep 19, 9:38 am)

Re: NFS4 authentification / fsuid, Satyam Sharma, (Thu Sep 20, 12:03 am)

Re: NFS4 authentification / fsuid, Satyam Sharma, (Thu Sep 20, 12:15 am)


linux-kernel:
Frederic Weisbecker	[PATCH v2] struct sort_entry has a callback named snprintf that turns an entry int...
FUJITA Tomonori	Re: [Scst-devel] Integration of SCST in the mainstream Linux kernel
Jens Axboe	Re: [BUG] Linux 2.6.25-rc2 - Regression from 2.6.24-rc1-git1 softlockup while bo...
Andrew Morton	Re: [PATCH v3 0/4] Introduce hardware spinlock framework
Jeff Garzik	Re: 2.6.23-rc7-mm1 AHCI ATA errors -- won't boot
git:
Junio C Hamano	Re: git-svnimport
Michal Sojka	[PATCHv5 1/2] filter-branch: Fix to allow replacing submodules with another content
Junio C Hamano	Re: Fwd: git status options feature suggestion
Johannes Schindelin	Re: [PATCH] Fix approxidate("never") to always return 0
A Large Angry SCM	Re: [RFC] origin link for cherry-pick and revert
linux-netdev:
Arnaldo Carvalho de Melo	Re: [PATCH 06/37] dccp: Limit feature negotiation to connection setup phase
Gerrit Renker	[PATCH 1/5] dccp: Initialisation framework for feature negotiation
Ursula Braun	[patch 2/8] [PATCH] af_iucv: sync sk shutdown flag if iucv path is quiesced
Daniel Lezcano	getsockopt(TCP_DEFER_ACCEPT) value change
David Miller	Re: 2.6.27.18: bnx2/tg3: BUG: "scheduling while atomic" trying to ifenslave a seco...
git-commits-head:
Linux Kernel Mailing List	ARM: S3C64XX: DMA: Callback with correct buffer pointer
Linux Kernel Mailing List	sata_mv: drop unncessary EH callback resetting
Linux Kernel Mailing List	timer: Try to survive timer callback preempt_count leak
Linux Kernel Mailing List	powerpc/kexec: Add support for FSL-BookE
Linux Kernel Mailing List	ARM: 5670/1: bcmring: add default configuration for bcmring arch
openbsd-misc:
Rene Maroufi	smtpd: Aliases only work with for local alias aliases
Stephen J. Bevan	GRE over IPsec
Christophe Rioux	Implementation example of snmp
Darrin Chandler	Re: strange output on openbsd C code
Nick Holland	Re: booting openbsd on eee without cd-rom