tech-kern archive
Re: core statement on fexecve, O_EXEC, and O_SEARCH
On Tue, Dec 04, 2012 at 11:42:04PM +0700, Robert Elz wrote:
>
> Even chroot isn't a problem, unless you're tempted to view it as some
> kind of security mechanism. It really isn't - it is just namespace
> modification. Sure, by modifying the filesystem namespace a bunch
> of simple security attacks seem easy to avoid (and it does provide
> some simple measure of protection) but as a true security mechanism
> it really doesn't come close, and arguing against feature X or Y
> because some tricky application of it can defeat chroot "security"
> is just plain insane.
Let's not lose sight of the fact that chroot can most certainly
compromise security if used improperly even if you are only using
it as a namespace mechanism, though. So, there are most definitely
security considerations that must be taken into account even if
you think that chroot is not a security mechanism.
--
Roland Dowdeswell http://Imrryr.ORG/~elric/