layer: always set bundle to 0700 on creation #182

Merged 1 commit on Oct 4, 2017

@cyphar cyphar commented Oct 3, 2017

This protects against attacks where an unsafe image is extracted into a
location where an unprivileged user could potentially access unsafe
setuid binaries (or unsafe inodes). This protection is very easy to
disable by a user of umoci, but the intention is to protect against
lowest-common-denominator attacks.

This is a slightly breaking change, but as it is a security issue (which
was previously documented) we have made the change anyway.

Fixes #181
Signed-off-by: Aleksa Sarai [email protected]
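
The protection described above, as an added example that is not part of this pull request or umoci's code: one way to force a bundle directory to 0700 and to audit a directory for the exposure the description names. `createBundle` and `auditBundle` are hypothetical helpers, and the temporary directory is a constructed sample.

```go
package main

import (
	"fmt"
	"io/fs"
	"os"
	"path/filepath"
)

// createBundle is a hypothetical helper (not umoci's API). MkdirAll leaves an
// existing directory's mode untouched, so the Chmod is what guarantees 0700.
func createBundle(path string) error {
	if err := os.MkdirAll(path, 0o700); err != nil {
		return err
	}
	return os.Chmod(path, 0o700)
}

// auditBundle reports whether group/other have any access to the bundle
// directory and lists the setuid/setgid regular files beneath it.
func auditBundle(path string) (exposed bool, risky []string, err error) {
	info, err := os.Stat(path)
	if err != nil {
		return false, nil, err
	}
	exposed = info.Mode().Perm()&0o077 != 0
	err = filepath.WalkDir(path, func(p string, d fs.DirEntry, werr error) error {
		if werr != nil {
			return werr
		}
		fi, ierr := d.Info()
		if ierr != nil {
			return ierr
		}
		if fi.Mode().IsRegular() && fi.Mode()&(os.ModeSetuid|os.ModeSetgid) != 0 {
			risky = append(risky, p)
		}
		return nil
	})
	return exposed, risky, err
}

func main() {
	bundle, _ := os.MkdirTemp("", "bundle-demo") // constructed sample bundle
	defer os.RemoveAll(bundle)
	os.Chmod(bundle, 0o755) // simulate a pre-existing, too-open directory
	fmt.Println(auditBundle(bundle))
	createBundle(bundle)
	fmt.Println(auditBundle(bundle))
}
```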

@cyphar cyphar force-pushed the rootfs-inode-creation-safe branch from 4e18873 to 04424ef Compare October 3, 2017 19:37
cyphar commented Oct 3, 2017

I really should've done this earlier. I was worried about breaking the use case of a shared rootfs, which in retrospect wasn't a good idea.

/cc @hallyn

cyphar commented Oct 4, 2017

LGTM.

@cyphar cyphar merged commit 04424ef into opencontainers:master Oct 4, 2017
cyphar added a commit that referenced this pull request Oct 4, 2017
  layer: always set bundle to 0700 on creation

LGTMs: @cyphar
Closes #182
@cyphar cyphar deleted the rootfs-inode-creation-safe branch October 4, 2017 00:34