[CRIU] Hardening the criu service daemon

Pavel Emelyanov xemul at parallels.com
Fri Sep 11 06:28:23 PDT 2015


On 09/11/2015 04:17 PM, Ruslan Kuprieiev wrote:
> Hi,
> 
> On 11.09.15 16:06, Pavel Emelyanov wrote:
>>> Are there any objections because the service daemon is seen as an
>>> important feature or is it okay to be removed?
>> I'm OK with it.
>>
>> I would even suggest deprecating the service as a whole, but before doing
>> this we should implement the "self dump" facility via swrk and then audit
>> the swrk mode for not being subject to the same CVEs.
>>
>> -- Pavel
> Why deprecate it at all?

Because the only value that it can bring at the moment is the "self-dump"
thing. All the rest can be done using swrk, and (!) the restore_sibling
part works _only_ in swrk mode.

> Isn't it much more secure to let users use
> service socket instead of giving them a suid-ed binary?

I guess it's the same -- in any case you have a root-privileged binary
that acts on your behalf.

-- Pavel

