[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: Re: [oss-security] Access to /dev/pts devices via pt_chown and user namespaces
From: Jakub Wilk <jwilk () debian ! org>
Date: 2016-02-27 17:34:20
Message-ID: 20160227173409.GA3663 () jwilk ! net
[Download RAW message or body]
* Simon McVittie <smcv@debian.org>, 2016-02-24, 07:01:
>>>Just for the record, pt_chown is not enabled by default in upstream
>>>glibc starting with glibc-2.18, one has to specify --enable-pt_chown
>>>configure option explicitly to build pt_chown.
>>
>>Thanks for that information. So for pt_chown, this could hopefully be
>>just an Ubuntu issue.
>
>And Debian 8 (but not the future Debian 9, at least on Linux kernels),
>and probably other distributions where backward compat was a concern.
>
><https://bugs.debian.org/717544> has some interesting background. The
>Debian and Ubuntu glibc maintainers tried turning off pt_chown in 2014,
>but had to turn it back on because it caused too many regressions: in
>particular "mount -t devpts devpts-foo chroot-foo/dev/pts" apparently
>alters the mount options for the "real" /dev/pts, not just the one
>being mounted in the chroot (presumably losing the noexec,nosuid,gid=5
>and mode=620 or mode=600 options that are expected in Debian). I don't
>know whether the default mount options were subsequently altered in
>util-linux and/or the kernel as suggested on that bug, or whether
>manually mounting devpts is just not going to be a supported action in
>Debian 9.
grantpt() was fixed so that it works even when /dev/pts mount options
are "wrong":
https://sourceware.org/ml/libc-alpha/2015-12/msg00151.html
This is going to be backported to Debian 8 (jessie):
https://bugs.debian.org/816023
--
Jakub Wilk
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic