On Wed, Mar 24, 2004 at 06:22:09PM +0200, Alex Lyashkov wrote:
> Hi Herbert
>
> I downloaded your experimental code from
> http://vserver.13thfloor.at/Experimental/ns01
> and see you added 2 bugs in the namespace switch code.

Hi Alex! thanks for looking at the code!

> Your function
> ===============
> int vc_enter_namespace(uint32_t id, void *data)
> {
>         struct vx_info *vxi;
>         struct namespace *old_ns;
>
>         if (!vx_check(0, VX_ADMIN))
>                 return -ENOSYS;
>
>         vxi = find_vx_info(id);
>         if (!vxi)
>                 return -ESRCH;
>
>         if (!vxi->vx_namespace)
>                 goto out_put;
>
>         old_ns = current->namespace;
>         get_namespace(vxi->vx_namespace);
>         current->namespace = vxi->vx_namespace;
>         put_namespace(old_ns);
>
> out_put:
>         put_vx_info(vxi);
>         return 0;
> }
> =============

recent patches (like 0.09.25) use the following code,
which at least has one bug you mention:

        ...
        old_ns = current->namespace;
        old_fs = current->fs;
        get_namespace(vxi->vx_namespace);
        current->namespace = vxi->vx_namespace;
        current->fs = copy_fs_struct(vxi->vx_fs);
        put_namespace(old_ns);
        put_fs_struct(old_fs);
        ...

> well...
> first bug. You _must_ lock the task before the namespace switch.
> see include/linux/namespace.h for example namespace switch code.

sounds reasonable, thanks!

> static inline void exit_namespace(struct task_struct *p)
> {
>         struct namespace *namespace = p->namespace;
>         if (namespace) {
>                 task_lock(p);
>                 p->namespace = NULL;
>                 task_unlock(p);
>                 put_namespace(namespace);
>         }
> }
>
> ===
> second bug. you must adjust 'root' && 'altroot' && pwd and the task->fs
> struct. if you don't do it, it creates a security hole.
> To see how to do it, look at
> namespace.c:chroot_fs_refs and open.c:sys_chroot.

do you think the approach above isn't sufficient,
regarding root and altroot, what security hole do you see?

> I think these references will help you fix the code.

thank you,
Herbert

> --
> Alex Lyashkov <[EMAIL PROTECTED]>
> PSoft

_______________________________________________
Vserver mailing list
[EMAIL PROTECTED]
http://list.linux-vserver.org/mailman/listinfo/vserver
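
The locking point raised in the message above, as an added example that is not part of the original mail and is neither Linux-VServer nor kernel code: a user-space C model in which a pthread mutex stands in for task_lock() and the namespace and fs pointers are swapped together under it. The helper names (ns_new, fs_new, task_ns_get) and the single `root` field standing in for root, pwd and altroot are assumptions made for the model.

```c
/* Constructed user-space model, not kernel code: a pthread mutex stands in
 * for task_lock()/task_unlock() and atomic ints for the kernel refcounts. */
#include <pthread.h>
#include <stdatomic.h>
#include <stdlib.h>

struct ns { atomic_int count; };            /* models struct namespace */
struct fs { atomic_int count; int root; };  /* models fs_struct; root, pwd, altroot as one id */
struct task { pthread_mutex_t lock; struct ns *ns; struct fs *fs; };

struct ns *ns_new(void) {
    struct ns *n = malloc(sizeof *n);
    if (n) atomic_init(&n->count, 1);
    return n;
}
struct fs *fs_new(int root) {               /* also used to "copy" a context's fs */
    struct fs *f = malloc(sizeof *f);
    if (f) { atomic_init(&f->count, 1); f->root = root; }
    return f;
}
void ns_get(struct ns *n) { atomic_fetch_add(&n->count, 1); }
void ns_put(struct ns *n) { if (atomic_fetch_sub(&n->count, 1) == 1) free(n); }
void fs_put(struct fs *f) { if (atomic_fetch_sub(&f->count, 1) == 1) free(f); }

/* Reader side: take a counted reference to the task's namespace under the lock. */
struct ns *task_ns_get(struct task *t) {
    pthread_mutex_lock(&t->lock);
    struct ns *n = t->ns;
    if (n) ns_get(n);
    pthread_mutex_unlock(&t->lock);
    return n;
}

/* Writer side: switch namespace and fs together. Returns 0, or -1 if the fs copy fails. */
int enter_namespace(struct task *t, struct ns *ctx_ns, const struct fs *ctx_fs) {
    struct fs *new_fs = fs_new(ctx_fs->root);   /* private copy, made before locking */
    if (!new_fs) return -1;
    ns_get(ctx_ns);                             /* reference that t->ns will hold */

    pthread_mutex_lock(&t->lock);
    struct ns *old_ns = t->ns;
    struct fs *old_fs = t->fs;
    t->ns = ctx_ns;                             /* both pointers change inside one */
    t->fs = new_fs;                             /* critical section */
    pthread_mutex_unlock(&t->lock);

    if (old_ns) ns_put(old_ns);                 /* drop the old references only after */
    if (old_fs) fs_put(old_fs);                 /* the task no longer points at them */
    return 0;
}
```

Because task_ns_get() takes its reference while holding the same lock, a reader in this model cannot pick up the old pointer after the writer has started dropping it.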