Files · 6e1726f8fb7c5a22538c61ef3828c375cc44d0d1 · zhul / criu

userns: set uid and gid before entering into userns · 6e1726f8

Andrew Vagin authored Feb 17, 2016

> 21.01.2016 02:56, Jann Horn writes:
> Call chain:
>
> cr_dump_tasks -> collect_namespaces(true) ->
> collect_user_namespaces(true) -> walk_namespaces -> collect_user_ns
> -> dump_user_ns -> check_user_ns
>
> This method enters a user namespace with unknown owner with
> euid==(kuid 0). Linux does not guarantee that this is safe; with
> the current upstream kernel, the namespace owner can attach to the
> CRIU process via ptrace and use it to write into /etc/shadow or
> whatever.

Cc: Jann Horn <jann@thejh.net>
Reported-by: Jann Horn <jann@thejh.net>
Signed-off-by: Andrew Vagin <avagin@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>

6e1726f8

Name	Last commit	Last update
Documentation		Loading commit data...
contrib		Loading commit data...
crit		Loading commit data...
criu		Loading commit data...
images		Loading commit data...
lib		Loading commit data...
scripts		Loading commit data...
test		Loading commit data...
.gitignore		Loading commit data...
.mailmap		Loading commit data...
.travis.yml		Loading commit data...
COPYING		Loading commit data...
CREDITS		Loading commit data...
Makefile		Loading commit data...
Makefile.install		Loading commit data...
Makefile.versions		Loading commit data...
README.md		Loading commit data...

README.md