| commit | 397ae982f4df46e7d4b2625c431062c9146f3b83 | |
| author | Miklos Szeredi <mszeredi@redhat.com> | |
| Wed, 29 Apr 2020 12:47:33 +0000 (29 14:47 +0200) | ||
| committer | Dr. David Alan Gilbert <dgilbert@redhat.com> | |
| Fri, 1 May 2020 17:46:54 +0000 (1 18:46 +0100) | ||
| tree | 7b22232304db1e20f9f9c47b5636e9590331f39d | treesnapshot (tar.gz zip) |
| parent | 8c1d353d107b4fc344e27f2f08ea7fa25de2eea2 | commitdiff |
virtiofsd: jail lo->proc_self_fd
While it's not possible to escape the proc filesystem through
lo->proc_self_fd, it is possible to escape to the root of the proc
filesystem itself through "../..".
Use a temporary mount for opening lo->proc_self_fd, that has it's root at
/proc/self/fd/, preventing access to the ancestor directories.
Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
Message-Id: <20200429124733.22488-1-mszeredi@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
While it's not possible to escape the proc filesystem through
lo->proc_self_fd, it is possible to escape to the root of the proc
filesystem itself through "../..".
Use a temporary mount for opening lo->proc_self_fd, that has it's root at
/proc/self/fd/, preventing access to the ancestor directories.
Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
Message-Id: <20200429124733.22488-1-mszeredi@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
| tools/virtiofsd/passthrough_ll.c | diffblobblamehistory |