[CRIU] Hardening the criu service daemon
Pavel Emelyanov
xemul at parallels.com
Fri Sep 11 06:26:54 PDT 2015
On 09/11/2015 04:20 PM, Florian Weimer wrote:
> On 09/01/2015 01:23 PM, Pavel Emelyanov wrote:
>
>>> You'd still need something stronger than a PID to attach to the process
>>> (the requester process).
>>
>> A /proc/pid/something file can be such. Once open()-ed it will pin the struct pid,
>> so openat(that_fd, "path") will be able to access the original process safely.
>
> It's still not clear to me how you can go from the incoming socket
> connection to the correct process in a race-free manner.
Smth like this from my perspective should work:
1. task connects to criu using unix socket
2. criu gets the peer's pid using SO_PEERCRED sockopt
3. criu freezes the task
4. criu checks task's fdtable to contain the connection socket
The latter check is still not there though :( but everything
is prepared for it.
-- Pavel
More information about the CRIU
mailing list