Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 20 Nov 2014 01:53:23 -0500 (EST)
From: cve-assign@...re.org
To: luto@...capital.net
Cc: cve-assign@...re.org, oss-security@...ts.openwall.com
Subject: Re: Linux user namespaces can bypass group-based restrictions - Linux kernel

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> On Linux, if you can unshare your user namespace (which is the case on
> many distributions), then you can map your fsuid and fsgid into the
> new namespace and, inside that namespace, drop all of your other
> groups.
> 
> This may allow you to access files protected by POSIX ACLs as "other",
> even if the ACL should have prohibited it based on one of your
> supplementary group IDs.

> http://thread.gmane.org/gmane.linux.man/7385/

> defeats POSIX ACLs with a group entry that is more restrictive than
> the other entry

> Fedora and Ubuntu are likely to be affected in their default
> configurations.

Use CVE-2014-8989.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (SunOS)

iQEcBAEBAgAGBQJUbY4WAAoJEKllVAevmvmsxoQH/2Kvrfax13v8YJR4subYdAgS
bpVEB+DDGIWrM5UQbGPXNW8yNi1QlodQ7SKWIn0hiJjD81D3+Wepfr7Vsz4Ar3sQ
505IUjDs5DtsRHozSRDmuGvqHKL45XTxO+NDGbi9wTCU5U7soNi6DO4G2+Wd8xJv
/c9OYIdBZC149dE3flAdJa0NrFMdiG5aq1qKznk7SG1JhlNWeoXWjP1J95TTUmW7
vKTbuV6YkkUnBawunazPfWHMVXi9i41xCVVjsqnvt2U6SFFAgfgnlgQ3RPJkwJPt
lpR66qhe6zqfehmdYk//iB8p1EqcSSvC00npG0zHT3jcFLv93ajdEj2T0MWFT0c=
=uITp
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ