Received: by 2002:a25:4158:0:0:0:0:0 with SMTP id o85csp67509yba; Mon, 1 Apr 2019 01:48:22 -0700 (PDT) X-Google-Smtp-Source: APXvYqy/O32BLRvHZZ+dYPJ5Fn9idig8FqYk9kIh6VkndWG64Nym+ptoBE6po7+CXNzx1AXzdaIR X-Received: by 2002:a63:10c:: with SMTP id 12mr15097770pgb.276.1554108502861; Mon, 01 Apr 2019 01:48:22 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1554108502; cv=none; d=google.com; s=arc-20160816; b=amHCba3lepLgHd3tDT6+4KlZkjKFPkE4EyiGWJX3LyPLYpDrRvrXEWjpcvjPiVmcM4 9l8iTuaPXUdqZoi/WlQ5hlVSKuPkcJKfC8069oCGEPs8nZudkdIFXhLJr6H5oWMlLBrW rCt21lGRUnmr++iT118KquyUso5lT+H/XCnBaGlBSgZtt9iMy01Mo4WrLoLyfNl2Hia6 S7KQMKLcckPNlVaeJ8qJK/mP7krLVjr5VEYsRie5mVNDdaz/qwYbvHVijdtOV9+8u1YF vg2GgspV/5vzmxMZDwpeA3qRYdlypBzBecnbIs6CZ/lGFpvXzbmWsoEPbNqu6qZdHWbM hNCg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:subject:content-transfer-encoding :mime-version:user-agent:organization:references:in-reply-to:date:cc :to:from:message-id; bh=gloeEx8RQ+UFWeh6SQUdigUs/CsAjJjA3w25VvoXpC0=; b=QIk03S+CA29/h4MIPV0YeCuc3Kp1tak0qI/yvutyIIwZmcjRTeJCuYVOatDZs3i8PH hkKTYOvqClMhWx5l6jtkIG0QX4rXOtD33vmay4qxMpHYl9IDM9JPt5Ls/pIIbLFpDLvH A5bHLKDIRbJh+g1S4eL2Ra3NfYu9LoO5EjtFXdq4TPnGTTN1ra2DFqdSLntor8Ippq/b fc1/rcDvxRONclmg/Qn1cqYJy2xrM2V2H0Bw0Wly7pwpvMJHAECj8HaBilEYCEGSYlsU 1lB5++LO8LMggNuU2ysM7r3IWvHuqfpeRGDln6f94XQ8a6CIyzTygw7pSnERdsaJxYuh sXlw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id g189si2165543pfb.289.2019.04.01.01.48.07; Mon, 01 Apr 2019 01:48:22 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726879AbfDAIr0 (ORCPT + 99 others); Mon, 1 Apr 2019 04:47:26 -0400 Received: from ou.quest-ce.net ([195.154.187.82]:55638 "EHLO ou.quest-ce.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725843AbfDAIr0 (ORCPT ); Mon, 1 Apr 2019 04:47:26 -0400 Received: from [2a01:e35:39f2:1220:98ae:65aa:acef:50cb] (helo=test.quest-ce.net) by ou.quest-ce.net with esmtpsa (TLS1.1:RSA_AES_256_CBC_SHA1:256) (Exim 4.80) (envelope-from ) id 1hAsb3-0001DI-KJ; Mon, 01 Apr 2019 10:47:13 +0200 Message-ID: <65440fd9977a2e1f0467b7ece38240e5dac2b736.camel@opteya.com> From: Yann Droneaud To: Jann Horn , Christian Brauner Cc: Linus Torvalds , Andy Lutomirski , Daniel Colascione , Andrew Lutomirski , David Howells , "Serge E. Hallyn" , Linux API , Linux List Kernel Mailing , Arnd Bergmann , "Eric W. Biederman" , Konstantin Khlebnikov , Kees Cook , Alexey Dobriyan , Thomas Gleixner , Michael Kerrisk-manpages , Jonathan Kowalski , "Dmitry V. Levin" , Andrew Morton , Oleg Nesterov , Nagarathnam Muthusamy , Aleksa Sarai , Al Viro , Joel Fernandes Date: Mon, 01 Apr 2019 10:47:11 +0200 In-Reply-To: References: <20190330171215.3yrfxwodstmgzmxy@brauner.io> <132107F4-F56B-4D6E-9E00-A6F7C092E6BD@amacapital.net> <20190331211041.vht7dnqg4e4bilr2@brauner.io> <20190331220259.qntxynluk765hpnt@brauner.io> <20190331223355.vfbnnkmevl63etvv@brauner.io> Organization: OPTEYA Content-Type: text/plain; charset="UTF-8" User-Agent: Evolution 3.32.0 (3.32.0-1.fc30) MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-SA-Exim-Connect-IP: 2a01:e35:39f2:1220:98ae:65aa:acef:50cb X-SA-Exim-Mail-From: ydroneaud@opteya.com X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on ou.quest-ce.net X-Spam-Level: X-Spam-Status: No, score=-2.9 required=5.0 tests=ALL_TRUSTED,BAYES_00 autolearn=ham version=3.3.2 Subject: Re: [PATCH v2 0/5] pid: add pidfd_open() X-SA-Exim-Version: 4.2.1 (built Mon, 26 Dec 2011 16:24:06 +0000) X-SA-Exim-Scanned: Yes (on ou.quest-ce.net) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi, Le lundi 01 avril 2019 à 02:52 +0200, Jann Horn a écrit : > One minor detail to keep in mind for the future is that in a > straightforward implementation of this concept, if a non-capable > process is running in a mount namespace, but in the initial network > namespace, without any reachable /proc mount, it will be able to look > at information about other processes' network connections by first > using pidfd_open() on itself or by using clone(CLONE_PIDFD), then > looking at the "net" directory under the resulting file descriptor. I also think it would punch a hole in chroot() ... (but in 2019, nobody should rely on it for security purpose). Regards. -- Yann Droneaud OPTEYA