[CRIU] [PATCH] security: check_ids - return true if [se]?[ug]id is the same as task id

Andrew Vagin avagin at parallels.com
Tue Jun 17 07:05:56 PDT 2014


On Tue, Jun 17, 2014 at 05:35:50PM +0400, Pavel Emelyanov wrote:
> On 06/17/2014 05:30 PM, Andrew Vagin wrote:
> > On Tue, Jun 17, 2014 at 04:15:31PM +0400, Pavel Emelyanov wrote:
> >> On 06/17/2014 01:40 PM, Andrew Vagin wrote:
> >>
> >>> We was talking with you about the third one. Images are created from a
> >>> suid user. On restore criu checks that images are belonged to this user.
> >>>
> >>> Only root can change file owners, so it looks secure.
> >>
> >> Well, yes. I've already expressed this idea in another sub-thread.
> >> Files belonging to root and having no write perms for anyone else
> >> are safe to be used as restore images regardless of contents.
> > 
> > It is not the same. Why they should belong to root? 
> 
> To whom? To some other user? This is also insecure.
> 
> > Or may be root a code name for suid (Saved User ID)?
> 
> What?

I had a personal discussion with Pavel. He explained me why it's
insecure. Sorry for the noise.

> 
> Thanks,
> Pavel


More information about the CRIU mailing list