Re: [1/1] Use pid in inotify events. - Kernel


Thread: Re: [1/1] Use pid in inotify events.

  1. Re: [1/1] Use pid in inotify events.

    On Sat, Nov 08, 2008 at 01:35:07PM -0500, Robert Love (rlove@rlove.org) wrote:
    > Pointing out some other information leak doesn't lessen the pid problem.


    I just wanted to show that this is not a security problem.
    Since there are others probably even more important.

    But I really do not want to start to discuss this, since I already see
    that result will be effectively zero, so returning to the original
    problem with putting pid into events: if inotify_init() caller has 0
    (e)uid or if IO origin has the same (e)uid, are you ok to put pid into
    the event?

    --
    Evgeniy Polyakov
    --
    To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
    the body of a message to majordomo@vger.kernel.org
    More majordomo info at http://vger.kernel.org/majordomo-info.html
    Please read the FAQ at http://www.tux.org/lkml/

  2. Re: [1/1] Use pid in inotify events.

    On Sat, Nov 08, 2008 at 09:40:13PM +0300, Evgeniy Polyakov (zbr@ioremap.net) wrote:
    > But I really do not want to start to discuss this, since I already see
    > that result will be effectively zero, so returning to the original
    > problem with putting pid into events: if inotify_init() caller has 0
    > (e)uid or if IO origin has the same (e)uid, are you ok to put pid into
    > the event?


    Something like this (not tested yet, no normal network access).

    Signed-off.

    diff --git a/fs/inotify.c b/fs/inotify.c
    index 690e725..121f025 100644
    --- a/fs/inotify.c
    +++ b/fs/inotify.c
    @@ -80,6 +80,7 @@ struct inotify_handle {
    struct list_head watches; /* list of watches */
    atomic_t count; /* reference count */
    u32 last_wd; /* the last wd allocated */
    + uid_t uid; /* watcher's uid */
    const struct inotify_operations *in_ops; /* inotify caller operations */
    };

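Review bot: The comment on the new `uid` field in struct inotify_handle, "watcher's uid", does not say which uid this is or when it is taken. The value is recorded once when the handle is created, while an inotify descriptor can later be inherited by or passed to a task with a different uid, so the task reading events need not be the one whose uid is stored. Suggest spelling that out in the comment, e.g. "uid of the task that created this handle, fixed at creation".
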
    @@ -292,6 +293,10 @@ void inotify_inode_queue_event(struct inode *inode, u32 mask, u32 cookie,
    mutex_lock(&ih->mutex);
    if (watch_mask & IN_ONESHOT)
    remove_watch_no_event(watch, ih);
    +
    + if (!cookie && (ih->uid == 0 ||
    + ih->uid == current->user->uid))
    + cookie = task_tgid_vnr(current);
    ih->in_ops->handle_event(watch, watch->wd, mask, cookie,
    name, n_inode);
    mutex_unlock(&ih->mutex);
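
Review bot: In inotify_inode_queue_event() the new assignment `cookie = task_tgid_vnr(current);` writes to the function's own `cookie` parameter, so if this block runs once per watch on the inode (the per-handle `ih->mutex` around it indicates it does), the pid set for the first handle that passes the uid test is still in `cookie` for every later handle, where `!cookie` is false and the uid test is never evaluated. A watcher with a different uid would then receive the pid. Suggest a per-iteration local (for example `u32 ev_cookie = cookie;`) that is filled in and passed to handle_event() instead. Separately, the cookie field already carries the rename-pairing value, so reusing it for a pid when it is zero needs documenting for user space, and the test compares `current->user->uid` although the proposal in the mail speaks of (e)uid.
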
    diff --git a/fs/inotify_user.c b/fs/inotify_user.c
    index 6024942..e426f7c 100644
    --- a/fs/inotify_user.c
    +++ b/fs/inotify_user.c
    @@ -612,6 +612,8 @@ asmlinkage long sys_inotify_init1(int flags)
    dev->ih = ih;
    dev->fa = NULL;

    + ih->uid = user->uid;
    +
    filp->f_op = &inotify_fops;
    filp->f_path.mnt = mntget(inotify_mnt);
    filp->f_path.dentry = dget(inotify_mnt->mnt_root);
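
Review bot: `ih->uid = user->uid;` in sys_inotify_init1() takes the uid from `user`, while the condition proposed in the mail is stated in terms of "(e)uid", and nothing in the hunk shows whether `user->uid` is the real or the effective uid of the caller. Since this value gates whether a pid is disclosed, suggest making the choice explicit, either by storing the effective uid directly or with a comment saying why the uid of the `user` structure is the right one.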


    --
    Evgeniy Polyakov