Date: Fri, 4 Sep 2015 23:55:45 -0400 (EDT)
From: cve-assign@...re.org
To: seth.arnold@...onical.com
Cc: cve-assign@...re.org, oss-security@...ts.openwall.com, siddharth@...hat.com, fw@...eb.enyo.de
Subject: Re: CVE Request for glusterfs: fuse check return value of setuid

> does it hinge upon the util-linux "aren't running suid" behaviour

Our initial thought is that, if a mount program doesn't care about the real UID, then the glusterfs setuid(0) calls are probably unnecessary and checking their return values probably doesn't accomplish anything.

One conceivable exception is a mount implementation that maintains an association between each mount entry and the real UID that established that mount entry, and also requires a special option for root to unmount a filesystem that was mounted by a non-root user.

For example, if a setuid(0) call failed during a mount, then there could be an association between /home/alice/fs1 and alice's real UID. Here, root would be authorized to unmount /home/alice/fs1, but the specific /bin/umount command-line options hardcoded in glusterfs would not work. Therefore, alice might be forced to leave /home/alice/fs1 mounted unless she were able to cause a setuid(0) call to fail during an unmount. This might have security relevance if /home/alice/fs1 contained private files, and alice's original intention was to have that filesystem mounted for a very short time.

We don't know if any real mount software meets those requirements.
-- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]