Date: Thu, 20 Nov 2014 01:53:23 -0500 (EST) From: cve-assign@...re.org To: luto@...capital.net Cc: cve-assign@...re.org, oss-security@...ts.openwall.com Subject: Re: Linux user namespaces can bypass group-based restrictions - Linux kernel -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 > On Linux, if you can unshare your user namespace (which is the case on > many distributions), then you can map your fsuid and fsgid into the > new namespace and, inside that namespace, drop all of your other > groups. > > This may allow you to access files protected by POSIX ACLs as "other", > even if the ACL should have prohibited it based on one of your > supplementary group IDs. > http://thread.gmane.org/gmane.linux.man/7385/ > defeats POSIX ACLs with a group entry that is more restrictive than > the other entry > Fedora and Ubuntu are likely to be affected in their default > configurations. Use CVE-2014-8989. - -- CVE assignment team, MITRE CVE Numbering Authority M/S M300 202 Burlington Road, Bedford, MA 01730 USA [ PGP key available through http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.14 (SunOS) iQEcBAEBAgAGBQJUbY4WAAoJEKllVAevmvmsxoQH/2Kvrfax13v8YJR4subYdAgS bpVEB+DDGIWrM5UQbGPXNW8yNi1QlodQ7SKWIn0hiJjD81D3+Wepfr7Vsz4Ar3sQ 505IUjDs5DtsRHozSRDmuGvqHKL45XTxO+NDGbi9wTCU5U7soNi6DO4G2+Wd8xJv /c9OYIdBZC149dE3flAdJa0NrFMdiG5aq1qKznk7SG1JhlNWeoXWjP1J95TTUmW7 vKTbuV6YkkUnBawunazPfWHMVXi9i41xCVVjsqnvt2U6SFFAgfgnlgQ3RPJkwJPt lpR66qhe6zqfehmdYk//iB8p1EqcSSvC00npG0zHT3jcFLv93ajdEj2T0MWFT0c= =uITp -----END PGP SIGNATURE-----
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ