Date: Fri, 4 Sep 2015 23:55:45 -0400 (EDT) From: cve-assign@...re.org To: seth.arnold@...onical.com Cc: cve-assign@...re.org, oss-security@...ts.openwall.com, siddharth@...hat.com, fw@...eb.enyo.de Subject: Re: CVE Request for glusterfs: fuse check return value of setuid -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 > does it hinge upon the util-linux "aren't running suid" behaviour Our initial thought is that, if a mount program doesn't care about the real UID, then the glusterfs setuid(0) calls are probably unnecessary and checking their return values probably doesn't accomplish anything. One conceivable exception is a mount implementation that maintains an association between each mount entry and the real UID that established that mount entry, and also requires a special option for root to unmount a filesystem that was mounted by a non-root user. For example, if a setuid(0) call failed during a mount, then there could be an association between /home/alice/fs1 and alice's real UID. Here, root would be authorized to unmount /home/alice/fs1, but the specific /bin/umount command-line options hardcoded in glusterfs would not work. Therefore, alice might be forced to leave /home/alice/fs1 mounted unless she were able to cause a setuid(0) call to fail during an unmount. This might have security relevance if /home/alice/fs1 contained private files, and alice's original intention was to have that filesystem mounted for a very short time. We don't know if any real mount software meets those requirements. - -- CVE assignment team, MITRE CVE Numbering Authority M/S M300 202 Burlington Road, Bedford, MA 01730 USA [ PGP key available through http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJV6mbjAAoJEL54rhJi8gl5i8gP/3n0swiSu7rTejnlZFb1SCcz byTWd9uCAmSreUvmDrKjaLpX1wlb/+OUorn8D2BrbLeU0Il21gCIko9/PUgFPYov mUyICbjpLU8poPj7qMZrUeew1MtT3K6CvEDlmZYfHx7k0lmTglqxUa+b+hYpBpM5 QXSBWxYfdG6HVKZeI/rp/nCmHQaJ206H6wIc8xL5S9j1cnJnxamekEJabD2riA8G X2sx3YpNgpFoEWDQ/A3rkx9RYzFBAFwfwZoTl0Y3rxbc90UvVPzZBVu3xdhie95a GkefgsHlBoLIXP/mJZT67UMkJSsjawwlroYS/vXzM9aD6xQyV6Lf4w3efFn5kPFx ldcknoCEN9isudQGzXmJY/2Oa8SToroq+D3LO+xsRwcGTETNJKmroAuRxLeD1urd 9bsceZc7+rTXyzwjgMHZxg4yAOLEkPpOFpt6+ORL/Q3I7b3LZiZnFM2XGBIP1xnH iN6A9HT0aTn1dg9Zqf3iIU0KORmw6VcCzADWolhYHah4ErZb791v0+bnmUPwmis/ ELts8J2wbQHh2aZG8xx1vjWMXFT2rK2TaeynYFl6Budlu/bux3kwI+svYF5Y1y8S rI7Vh1kMYKQD7wzIDny7dGRYjGTeGvyxUqkYCg2yVGMW+ysaXJxEJMoee4DdU+k1 ouv13LJehJXWIF559jAI =4yop -----END PGP SIGNATURE-----
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.