From: "Colin Walters"
To: "Giuseppe Scrivano", linux-kernel@vger.kernel.org
Cc: "Kees Cook", bristot@redhat.com, "Eric W. Biederman", brauner@kernel.org, "Aleksa Sarai", "Al Viro", "Alexander Larsson", peterz@infradead.org, bmasney@redhat.com
Subject: Re: [PATCH v3 1/2] exec: add PR_HIDE_SELF_EXE prctl
Date: Mon, 23 Jan 2023 13:41:04 -0500
In-Reply-To: <20230120102512.3195094-1-gscrivan@redhat.com>
References: <20230120102512.3195094-1-gscrivan@redhat.com>
X-Mailing-List: linux-kernel@vger.kernel.org

On Fri, Jan 20, 2023, at 5:25 AM, Giuseppe Scrivano wrote:
> This patch adds a new prctl called PR_HIDE_SELF_EXE which allows
> processes to hide their own /proc/*/exe file. When this prctl is
> used, every access to /proc/*/exe for the calling process will
> fail with ENOENT.

How about a mount option for procfs like

`mount -t procfs procfs /proc -o rw,nosuid,nodev,magiclink-no-xdev`

Where `magiclink-no-xdev` would cause all magic links to fail to cross a pid namespace or so?