Re: [Qemu-devel] [PATCH 07/29] 9pfs: local: introduce symlink-attack saf

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [PATCH 07/29] 9pfs: local: introduce symlink-attack saf

From:	Jann Horn
Subject:	Re: [Qemu-devel] [PATCH 07/29] 9pfs: local: introduce symlink-attack safe xattr helpers
Date:	Thu, 23 Feb 2017 16:05:02 +0100

On Thu, Feb 23, 2017 at 4:02 PM, Eric Blake <address@hidden> wrote:
> On 02/20/2017 08:40 AM, Greg Kurz wrote:
>> All operations dealing with extended attributes are vulnerable to symlink
>> attacks because they use path-based syscalls which can traverse symbolic
>> links while walking through the dirname part of the path.
>>
>> The solution is to introduce helpers based on opendir_nofollow(). This
>> calls for "at" versions of the extended attribute syscalls, which don't
>> exist unfortunately. This patch implement them by simulating the "at"
>> behavior with fchdir(). Since the current working directory is process
>> wide, and we don't want to confuse another thread in QEMU, all the work
>> is done in a separate process.
>
> Can you emulate *at using /proc/fd/nnn/xyz?

I don't know much about QEMU internals, but QEMU supports running in a
chroot using the -chroot option, right? Does that already require procfs to be
mounted inside the chroot?

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [Qemu-devel] [PATCH 04/29] 9pfs: introduce openat_nofollow() helper, (continued)
- [Qemu-devel] [PATCH 05/29] 9pfs: local: keep a file descriptor on the shared folder, Greg Kurz, 2017/02/20
  - Re: [Qemu-devel] [PATCH 05/29] 9pfs: local: keep a file descriptor on the shared folder, Stefan Hajnoczi, 2017/02/23
- [Qemu-devel] [PATCH 06/29] 9pfs: local: open/opendir: don't follow symlinks, Greg Kurz, 2017/02/20
  - Re: [Qemu-devel] [PATCH 06/29] 9pfs: local: open/opendir: don't follow symlinks, Stefan Hajnoczi, 2017/02/23
- [Qemu-devel] [PATCH 07/29] 9pfs: local: introduce symlink-attack safe xattr helpers, Greg Kurz, 2017/02/20
  - Re: [Qemu-devel] [PATCH 07/29] 9pfs: local: introduce symlink-attack safe xattr helpers, Stefan Hajnoczi, 2017/02/23
    - Re: [Qemu-devel] [PATCH 07/29] 9pfs: local: introduce symlink-attack safe xattr helpers, Greg Kurz, 2017/02/23
  - Re: [Qemu-devel] [PATCH 07/29] 9pfs: local: introduce symlink-attack safe xattr helpers, Eric Blake, 2017/02/23
    - Re: [Qemu-devel] [PATCH 07/29] 9pfs: local: introduce symlink-attack safe xattr helpers, Jann Horn <=
    - Re: [Qemu-devel] [PATCH 07/29] 9pfs: local: introduce symlink-attack safe xattr helpers, Greg Kurz, 2017/02/23
    - Re: [Qemu-devel] [PATCH 07/29] 9pfs: local: introduce symlink-attack safe xattr helpers, Greg Kurz, 2017/02/23
- [Qemu-devel] [PATCH 08/29] 9pfs: local: lgetxattr: don't follow symlinks, Greg Kurz, 2017/02/20
  - Re: [Qemu-devel] [PATCH 08/29] 9pfs: local: lgetxattr: don't follow symlinks, Stefan Hajnoczi, 2017/02/23
- [Qemu-devel] [PATCH 09/29] 9pfs: local: llistxattr: don't follow symlinks, Greg Kurz, 2017/02/20
  - Re: [Qemu-devel] [PATCH 09/29] 9pfs: local: llistxattr: don't follow symlinks, Stefan Hajnoczi, 2017/02/23
- [Qemu-devel] [PATCH 10/29] 9pfs: local: lsetxattr: don't follow symlinks, Greg Kurz, 2017/02/20
  - Re: [Qemu-devel] [PATCH 10/29] 9pfs: local: lsetxattr: don't follow symlinks, Stefan Hajnoczi, 2017/02/23
- [Qemu-devel] [PATCH 11/29] 9pfs: local: lremovexattr: don't follow symlinks, Greg Kurz, 2017/02/20
  - Re: [Qemu-devel] [PATCH 11/29] 9pfs: local: lremovexattr: don't follow symlinks, Stefan Hajnoczi, 2017/02/23

Prev by Date: Re: [Qemu-devel] Adding an overlay with 'blockdev-add' fails with: "Parameter 'driver' is missing"
Next by Date: Re: [Qemu-devel] [PATCH] memory: make ram device read/write endian sensitive
Previous by thread: Re: [Qemu-devel] [PATCH 07/29] 9pfs: local: introduce symlink-attack safe xattr helpers
Next by thread: Re: [Qemu-devel] [PATCH 07/29] 9pfs: local: introduce symlink-attack safe xattr helpers
Index(es):
- Date
- Thread