On Tue, Feb 23, 2021 at 02:52:22AM +0000, wangyunjian wrote:
> Non-root users can use ovs-vsctl, but the following security problems may
> exist, because /usr/share/openvswitch/scripts/ovs-ctl will call ovs-appctl,
> ovs-vsctl etc., and ovs-ctl is called by the OVS service as root. In this
> case, the following paths of attack exist:
> 1. A non-root user tampers with the contents of ovs-vsctl to execute arbitrary
> bash commands, such as `reboot`;
> 2. When the ovs-ctl script is called by the OVS service as root, the
> ovs-vsctl command will be executed, and then the reboot is triggered.
> Originally, non-root users are not entitled to execute reboot, but through
> this attack it can be successfully executed, so there is a risk of raising
> privilege.

I'd generally consider a scenario like the above to be a bug in
ovs-ctl.  Do you have a specific vulnerability to report?
_______________________________________________
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev
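
A way to check a host for the precondition described in the quoted report (a command run by a root-invoked script being modifiable by a non-root user), as an added example that is not part of the thread or of Open vSwitch. The function names, the optional trusted-uid and top-directory parameters, and the use of GNU `stat` and `readlink` are assumptions of this sketch.

```shell
#!/bin/sh
# Added example (not from the thread). Assumes GNU stat and readlink (Linux).

# check_component PATH [TRUSTED_UID]
# Returns 1 and prints a finding if PATH is owned by another uid or is
# group/world writable (flagged conservatively); 2 if it cannot be examined.
check_component() {
    want=${2:-0}
    info=$(stat -L -c '%u %a' -- "$1" 2>/dev/null) || {
        echo "UNREADABLE $1"; return 2; }
    owner=${info% *}
    mode=${info#* }
    bad=0
    if [ "$owner" -ne "$want" ]; then
        echo "OWNER uid=$owner $1"; bad=1
    fi
    # Leading 0 makes the shell read the mode as octal; 022 = group|other write.
    if [ $(( 0$mode & 022 )) -ne 0 ]; then
        echo "WRITABLE mode=$mode $1"; bad=1
    fi
    return $bad
}

# audit_path FILE [TRUSTED_UID] [TOP]
# Checks FILE (symlinks resolved) and every parent directory up to TOP,
# because a writable parent lets the file be replaced even when the file
# itself is read-only. Returns 0 only if nothing was flagged.
audit_path() {
    cur=$(readlink -f -- "$1") || return 2
    trusted=${2:-0}
    top=${3:-/}
    rc=0
    while :; do
        check_component "$cur" "$trusted" || rc=1
        if [ "$cur" = "$top" ] || [ "$cur" = / ]; then break; fi
        cur=$(dirname -- "$cur")
    done
    return $rc
}

# Usage: sh audit.sh "$(command -v ovs-vsctl)" "$(command -v ovs-appctl)"
if [ "$#" -gt 0 ]; then
    status=0
    for f in "$@"; do audit_path "$f" || status=1; done
    exit $status
fi
```
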