[CRIU] Hardening the criu service daemon
Florian Weimer
fweimer at redhat.com
Fri Sep 11 06:32:20 PDT 2015
On 09/11/2015 03:30 PM, Pavel Emelyanov wrote:
> On 09/11/2015 04:23 PM, Florian Weimer wrote:
>> On 09/11/2015 03:17 PM, Ruslan Kuprieiev wrote:
>>> Hi,
>>>
>>> On 11.09.15 16:06, Pavel Emelyanov wrote:
>>>>> Are there any objections because the service daemon is seen as an
>>>>>> important feature or is it okay to be removed?
>>>> I'm OK with it.
>>>>
>>>> I would even suggest deprecating the service as a whole, but before doing
>>>> this we should implement the "self dump" facility via swrk and then audit
>>>> the swrk mode for not be subject to the same cves.
>>>>
>>>> -- Pavel
>>> Why deprecating it at all? Isn't it much more secure to let users use
>>> service socket instead of giving them a suid-ed binary?
>>
>> Currently, both are equally insecure. Making the binary SUID isn't even
>> documented, as far as I know.
>
> It is at the http://criu.org/Security page. Probably not as good as it could be,
> but still it's there.
Oh, a half-sentence at the start of the page. So is the intent that
SUID installation of the criu binary is supported? I suspect there
would be some additional vulnerabilities in this mode.
--
Florian Weimer / Red Hat Product Security
More information about the CRIU
mailing list