Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Fri,  4 Sep 2015 23:55:45 -0400 (EDT)
From: cve-assign@...re.org
To: seth.arnold@...onical.com
Cc: cve-assign@...re.org, oss-security@...ts.openwall.com, siddharth@...hat.com, fw@...eb.enyo.de
Subject: Re: CVE Request for glusterfs:  fuse check return value of setuid

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

> does it hinge upon the util-linux "aren't running suid" behaviour

Our initial thought is that, if a mount program doesn't care about the
real UID, then the glusterfs setuid(0) calls are probably unnecessary
and checking their return values probably doesn't accomplish anything.
One conceivable exception is a mount implementation that maintains an
association between each mount entry and the real UID that established
that mount entry, and also requires a special option for root to
unmount a filesystem that was mounted by a non-root user. For example,
if a setuid(0) call failed during a mount, then there could be an
association between /home/alice/fs1 and alice's real UID. Here, root
would be authorized to unmount /home/alice/fs1, but the specific
/bin/umount command-line options hardcoded in glusterfs would not
work. Therefore, alice might be forced to leave /home/alice/fs1
mounted unless she were able to cause a setuid(0) call to fail during
an unmount. This might have security relevance if /home/alice/fs1
contained private files, and alice's original intention was to have
that filesystem mounted for a very short time.

We don't know if any real mount software meets those requirements.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJV6mbjAAoJEL54rhJi8gl5i8gP/3n0swiSu7rTejnlZFb1SCcz
byTWd9uCAmSreUvmDrKjaLpX1wlb/+OUorn8D2BrbLeU0Il21gCIko9/PUgFPYov
mUyICbjpLU8poPj7qMZrUeew1MtT3K6CvEDlmZYfHx7k0lmTglqxUa+b+hYpBpM5
QXSBWxYfdG6HVKZeI/rp/nCmHQaJ206H6wIc8xL5S9j1cnJnxamekEJabD2riA8G
X2sx3YpNgpFoEWDQ/A3rkx9RYzFBAFwfwZoTl0Y3rxbc90UvVPzZBVu3xdhie95a
GkefgsHlBoLIXP/mJZT67UMkJSsjawwlroYS/vXzM9aD6xQyV6Lf4w3efFn5kPFx
ldcknoCEN9isudQGzXmJY/2Oa8SToroq+D3LO+xsRwcGTETNJKmroAuRxLeD1urd
9bsceZc7+rTXyzwjgMHZxg4yAOLEkPpOFpt6+ORL/Q3I7b3LZiZnFM2XGBIP1xnH
iN6A9HT0aTn1dg9Zqf3iIU0KORmw6VcCzADWolhYHah4ErZb791v0+bnmUPwmis/
ELts8J2wbQHh2aZG8xx1vjWMXFT2rK2TaeynYFl6Budlu/bux3kwI+svYF5Y1y8S
rI7Vh1kMYKQD7wzIDny7dGRYjGTeGvyxUqkYCg2yVGMW+ysaXJxEJMoee4DdU+k1
ouv13LJehJXWIF559jAI
=4yop
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ