Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S933836AbaJUVpM (ORCPT ); Tue, 21 Oct 2014 17:45:12 -0400 Received: from mail-la0-f42.google.com ([209.85.215.42]:38354 "EHLO mail-la0-f42.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S933691AbaJUVox (ORCPT ); Tue, 21 Oct 2014 17:44:53 -0400 MIME-Version: 1.0 In-Reply-To: References: <1413296756-25071-1-git-send-email-seth.forshee@canonical.com> <1413296756-25071-5-git-send-email-seth.forshee@canonical.com> <878ukis9oh.fsf@x220.int.ebiederm.org> <20141014205955.GA10908@ubuntu-mba51> <877g02pd7f.fsf@x220.int.ebiederm.org> <20141015073951.GB10908@ubuntu-mba51> <20141021212151.GB83801@ubuntu-hedt> From: Andy Lutomirski Date: Tue, 21 Oct 2014 14:44:31 -0700 Message-ID: Subject: Re: [fuse-devel] [PATCH v4 4/5] fuse: Support privileged xattrs only with a mount option To: Michael j Theall Cc: "Eric W. Biederman" , fuse-devel@lists.sourceforge.net, Linux FS Devel , "linux-kernel@vger.kernel.org" , Miklos Szeredi , "Serge H. Hallyn" Content-Type: text/plain; charset=UTF-8 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Oct 21, 2014 at 2:34 PM, Michael j Theall wrote: > Andy Lutomirski wrote on 10/21/2014 04:27:13 PM: >> But how does this help with FUSE at all? Does FUSE end up calling >> xattr_permission? >> >> --Andy >> > > The xattr system calls go through xattr_permission before it ever gets to > the FUSE ops. But a malicious FUSE filesystem can just put those xattrs there by fiat, the same way that my old FUSE-based sploit put a setuid root copy of bash in the filesystem. No setxattr calls are needed. --Andy -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/