[CRIU] [PATCH] security: set suid flag on crtools and check real uid on dump/restore

Pavel Emelyanov xemul at parallels.com
Wed Oct 2 03:03:06 PDT 2013


On 10/02/2013 05:54 PM, Ruslan Kuprieiev wrote:
> On 02.10.2013 13:25, Pavel Emelyanov wrote:
>> On 10/02/2013 05:00 PM, Ruslan Kuprieiev wrote:
>>> Hi!
>>>
>>> Let's set suid flag on crtools, so non-root users could dump/restore
>>> their own tasks and start service for their own tasks. On start criu
>>> will get its real uid and will allow user to dump/restore only tasks
>>> that he owns.
>>>
>>> Signed-off-by: Ruslan Kuprieiev <kupruser at gmail.com>
>>>
>> I don't quite understand the logic behind security_init() + restrict_uid()
>> and the need for two uid stores in security.c
> I think we can extend security_init later with some extra features (but 
> I don't know with which, though:)). Also checkpatch.pl was mad about 
> initializing static variables with zeros:).
> 
> And restrict_uid() will be used very often in cr
> I think we may need to remember real uid, so if non-root will start 
> service, he won't be able to change his "effective" uid and dump/restore 
> tasks with other uids.

He will not be able to do it anyway. The restrict_uid() is not "let me
dump this uid", but "don't even try to dump anything but this".

> It looks better to me, than resolving this 
> situation in cr-service. Also I do think that ruid may come in handy later.
> Or just use getuid() every time, instead of declaring second uid?

I thought that we just restrict_uid(getuid()) on crtools start and in
service child req-setup and that's it.

> .
> 
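
The one-way restriction discussed in this message, as an added C sketch that is not CRIU's code and not part of the original thread. The function bodies, the `may_dump_restore()` helper and the choice to leave real uid 0 unrestricted are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical sketch, not CRIU's security.c. */
static bool restricted;        /* false: no restriction applied yet */
static uid_t allowed_uid;      /* meaningful only when restricted */

/*
 * One-way latch: "don't even try to dump anything but this".
 * Assumption: real uid 0 (root) stays unrestricted.
 * Returns 0 on success, -1 on an attempt to change an existing restriction.
 */
int restrict_uid(uid_t uid)
{
	if (restricted)
		return uid == allowed_uid ? 0 : -1;
	if (uid != 0) {
		allowed_uid = uid;
		restricted = true;
	}
	return 0;
}

/* Hypothetical helper: may a task owned by task_uid be dumped/restored? */
bool may_dump_restore(uid_t task_uid)
{
	return !restricted || task_uid == allowed_uid;
}

int main(void)
{
	/* In a setuid-root binary geteuid() is 0; getuid() is still the caller. */
	if (restrict_uid(getuid()) < 0)
		return 1;
	printf("ruid=%d euid=%d own=%d other=%d\n", (int)getuid(), (int)geteuid(),
	       may_dump_restore(getuid()), may_dump_restore(getuid() + 1));
	return 0;
}
```

Because the latch can only be set once, a service child that calls `restrict_uid()` with the requester's uid during request setup cannot later be widened to another uid or back to root.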



