virtiofsd: jail lo->proc_self_fd (397ae982) · Commits · Anton / libtcg

Commit 397ae982 authored 5 years ago by Miklos Szeredi Committed by Dr. David Alan Gilbert 4 years ago

virtiofsd: jail lo->proc_self_fd


While it's not possible to escape the proc filesystem through
lo->proc_self_fd, it is possible to escape to the root of the proc
filesystem itself through "../..".

Use a temporary mount for opening lo->proc_self_fd, that has it's root at
/proc/self/fd/, preventing access to the ancestor directories.

Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
Message-Id: <20200429124733.22488-1-mszeredi@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>

parent 8c1d353d

No related branches found

No related tags found

No related merge requests found

Hide whitespace changes

Inline Side-by-side

Showing with 25 additions and 2 deletions

Please register or to comment