On 2018-10-13, Al Viro wrote:
> On Sat, Oct 13, 2018 at 07:53:26PM +1100, Aleksa Sarai wrote:
>
> > I didn't know about path_is_under() -- I just checked and it appears to
> > not take _lock? From my understanding, in order to protect
> > against the rename attack you need to take _lock (or
On 2018-10-13, Al Viro wrote:
> On Sat, Oct 13, 2018 at 07:53:26PM +1100, Aleksa Sarai wrote:
>
> > I didn't know about path_is_under() -- I just checked and it appears to
> > not take _lock? From my understanding, in order to protect
> > against the rename attack you need to take _lock (or
On Sat, Oct 13, 2018 at 07:53:26PM +1100, Aleksa Sarai wrote:
> I didn't know about path_is_under() -- I just checked and it appears to
> not take _lock? From my understanding, in order to protect
> against the rename attack you need to take _lock (or check
> against _lock at least and retry if
On Sat, Oct 13, 2018 at 07:53:26PM +1100, Aleksa Sarai wrote:
> I didn't know about path_is_under() -- I just checked and it appears to
> not take _lock? From my understanding, in order to protect
> against the rename attack you need to take _lock (or check
> against _lock at least and retry if
On 2018-10-13, Al Viro wrote:
> > > > +static inline int nd_alloc_dpathbuf(struct nameidata *nd)
> > > > +{
> > > > + if (unlikely(!nd->dpathbuf)) {
> > > > + if (nd->flags & LOOKUP_RCU) {
> > > > + nd->dpathbuf = kmalloc(PATH_MAX, GFP_ATOMIC);
> > > > +
On 2018-10-13, Al Viro wrote:
> > > > +static inline int nd_alloc_dpathbuf(struct nameidata *nd)
> > > > +{
> > > > + if (unlikely(!nd->dpathbuf)) {
> > > > + if (nd->flags & LOOKUP_RCU) {
> > > > + nd->dpathbuf = kmalloc(PATH_MAX, GFP_ATOMIC);
> > > > +
On Wed, Oct 10, 2018 at 02:37:28AM +1100, Aleksa Sarai wrote:
> > > +static inline int nd_alloc_dpathbuf(struct nameidata *nd)
> > > +{
> > > + if (unlikely(!nd->dpathbuf)) {
> > > + if (nd->flags & LOOKUP_RCU) {
> > > + nd->dpathbuf = kmalloc(PATH_MAX,
On Wed, Oct 10, 2018 at 02:37:28AM +1100, Aleksa Sarai wrote:
> > > +static inline int nd_alloc_dpathbuf(struct nameidata *nd)
> > > +{
> > > + if (unlikely(!nd->dpathbuf)) {
> > > + if (nd->flags & LOOKUP_RCU) {
> > > + nd->dpathbuf = kmalloc(PATH_MAX,
On Tue, Oct 9, 2018 at 5:36 PM Aleksa Sarai wrote:
> On 2018-10-09, 'Jann Horn' via dev wrote:
> > On Tue, Oct 9, 2018 at 9:03 AM Aleksa Sarai wrote:
> > > This patch allows for AT_BENEATH and AT_THIS_ROOT to safely permit ".."
> > > resolution (in the case of AT_BENEATH the resolution will
On Tue, Oct 9, 2018 at 5:36 PM Aleksa Sarai wrote:
> On 2018-10-09, 'Jann Horn' via dev wrote:
> > On Tue, Oct 9, 2018 at 9:03 AM Aleksa Sarai wrote:
> > > This patch allows for AT_BENEATH and AT_THIS_ROOT to safely permit ".."
> > > resolution (in the case of AT_BENEATH the resolution will
On 2018-10-09, 'Jann Horn' via dev wrote:
> On Tue, Oct 9, 2018 at 9:03 AM Aleksa Sarai wrote:
> > This patch allows for AT_BENEATH and AT_THIS_ROOT to safely permit ".."
> > resolution (in the case of AT_BENEATH the resolution will still fail if
> > ".." resolution would resolve a path outside
On 2018-10-09, 'Jann Horn' via dev wrote:
> On Tue, Oct 9, 2018 at 9:03 AM Aleksa Sarai wrote:
> > This patch allows for AT_BENEATH and AT_THIS_ROOT to safely permit ".."
> > resolution (in the case of AT_BENEATH the resolution will still fail if
> > ".." resolution would resolve a path outside
On Tue, Oct 9, 2018 at 9:03 AM Aleksa Sarai wrote:
> This patch allows for AT_BENEATH and AT_THIS_ROOT to safely permit ".."
> resolution (in the case of AT_BENEATH the resolution will still fail if
> ".." resolution would resolve a path outside of the root -- while
> AT_THIS_ROOT will
On Tue, Oct 9, 2018 at 9:03 AM Aleksa Sarai wrote:
> This patch allows for AT_BENEATH and AT_THIS_ROOT to safely permit ".."
> resolution (in the case of AT_BENEATH the resolution will still fail if
> ".." resolution would resolve a path outside of the root -- while
> AT_THIS_ROOT will
This patch allows for AT_BENEATH and AT_THIS_ROOT to safely permit ".."
resolution (in the case of AT_BENEATH the resolution will still fail if
".." resolution would resolve a path outside of the root -- while
AT_THIS_ROOT will chroot(2)-style scope it). "proclink" jumps are still
disallowed
This patch allows for AT_BENEATH and AT_THIS_ROOT to safely permit ".."
resolution (in the case of AT_BENEATH the resolution will still fail if
".." resolution would resolve a path outside of the root -- while
AT_THIS_ROOT will chroot(2)-style scope it). "proclink" jumps are still
disallowed
16 matches
Mail list logo