Re: [Qemu-devel] Re: [V8 PATCH 11/11] virtio-9p: Chroot environment for

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] Re: [V8 PATCH 11/11] virtio-9p: Chroot environment for

From:	Venkateswararao Jujjuri (JV)
Subject:	Re: [Qemu-devel] Re: [V8 PATCH 11/11] virtio-9p: Chroot environment for other functions
Date:	Thu, 10 Mar 2011 21:54:18 -0800
User-agent:	Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.15) Gecko/20110303 Thunderbird/3.1.9

On 3/10/2011 4:29 AM, Stefan Hajnoczi wrote:
> On Wed, Mar 9, 2011 at 5:16 PM, M. Mohan Kumar <address@hidden> wrote:
>> Add chroot functionality for systemcalls that can operate on a file
>> using relative directory file descriptor.
> 
> I suspect the relative directory approach is broken and escapes the
> chroot.  Here's why:
> 
> The request is local_chmod(fs_ctx, "/..", credp).  dirname("/..") is
> "/" and basename("..") is "..".

We should never receive protocol operations with relative path.
Client should always resolve to full path and send the request.
If the client is malicious this scenario can be be possible.. but in that case
it is fine to fail the operation.

Thanks,
JV

> I'm not 100% sure of the semantics but I suspect that chmodat(dir_fd,
> "..", ...) does not honor the chroot since your current task is not
> inside the chroot.  If so, then you can manipulate the parent
> directory of the chroot using some of the operations added in this
> patch.
> 
> The safe solution is to perform all operations inside the chroot.
> This will require extending the chroot socket protocol.
> 
> Stefan
>

[Prev in Thread]

Current Thread

[Next in Thread]

[Qemu-devel] [V8 PATCH 00/11] virtio-9p: Use chroot to safely access files in passthrough security model, M. Mohan Kumar, 2011/03/09
- [Qemu-devel] [V8 PATCH 02/11] virtio-9p: Enable CONFIG_THREAD if CONFIG_VIRTFS is enabled, M. Mohan Kumar, 2011/03/09
- [Qemu-devel] [V8 PATCH 11/11] virtio-9p: Chroot environment for other functions, M. Mohan Kumar, 2011/03/09
  - [Qemu-devel] Re: [V8 PATCH 11/11] virtio-9p: Chroot environment for other functions, Stefan Hajnoczi, 2011/03/10
    - Re: [Qemu-devel] Re: [V8 PATCH 11/11] virtio-9p: Chroot environment for other functions, Venkateswararao Jujjuri (JV) <=
    - Re: [Qemu-devel] Re: [V8 PATCH 11/11] virtio-9p: Chroot environment for other functions, Stefan Hajnoczi, 2011/03/11
    - Re: [Qemu-devel] Re: [V8 PATCH 11/11] virtio-9p: Chroot environment for other functions, Venkateswararao Jujjuri (JV), 2011/03/11
- [Qemu-devel] [V8 PATCH 03/11] virtio-9p: Provide chroot worker side interfaces, M. Mohan Kumar, 2011/03/09
- [Qemu-devel] [V8 PATCH 10/11] virtio-9p: Move file post creation changes to none security model, M. Mohan Kumar, 2011/03/09
- [Qemu-devel] [V8 PATCH 07/11] virtio-9p: Support for creating special files, M. Mohan Kumar, 2011/03/09
- [Qemu-devel] [V8 PATCH 06/11] virtio-9p: Create support in chroot environment, M. Mohan Kumar, 2011/03/09
- [Qemu-devel] [V8 PATCH 04/11] virtio-9p: Add qemu side interfaces for chroot environment, M. Mohan Kumar, 2011/03/09
- [Qemu-devel] [V8 PATCH 01/11] Implement qemu_read_full, M. Mohan Kumar, 2011/03/09
- [Qemu-devel] [V8 PATCH 09/11] virtio-9p: Add support to rename, M. Mohan Kumar, 2011/03/09
- [Qemu-devel] [V8 PATCH 05/11] virtio-9p: Add support to open a file in chroot environment, M. Mohan Kumar, 2011/03/09

Prev by Date: [Qemu-devel] Re: [PATCH v6 1/3] rtl8139: cleanup FCS calculation
Next by Date: [Qemu-devel] Re: [PATCH] kvm: ppc: Fix breakage of kvm_arch_pre_run/process_irqchip_events
Previous by thread: [Qemu-devel] Re: [V8 PATCH 11/11] virtio-9p: Chroot environment for other functions
Next by thread: Re: [Qemu-devel] Re: [V8 PATCH 11/11] virtio-9p: Chroot environment for other functions
Index(es):
- Date
- Thread