From: Vivek Goyal <vgoyal@redhat.com>
To: Amir Goldstein <amir73il@gmail.com>
Cc: Miklos Szeredi <miklos@szeredi.hu>, linux-unionfs@vger.kernel.org
Subject: Re: [PATCH 0/3] Misc. redirect_dir=nofollow fixes
Date: Tue, 14 Jul 2020 14:07:05 -0400
Message-ID: <20200714180705.GE324688@redhat.com>
In-Reply-To: <20200713141945.11719-1-amir73il@gmail.com>
On Mon, Jul 13, 2020 at 05:19:42PM +0300, Amir Goldstein wrote:
> Miklos, Vivek,
>
> Following discussion on following an unsafe non-dir origin [1]
> and in addition to a fix for the reported null uuid case [2] and to
> Vivek's doc clarification [3], I am proposing to piggy back existing
> config redirect_dir=nofollow to also not follow non-dir origin.
>
> Like in the case of non-dir origin, following redirects behavior was
> added with no opt-out option in kernel v4.10. Later security concerns
> about following malformed redirects resulted in the redirect_dir=nofollow
> config option.
So what's the security issue you are seeing with malformed origin? If
it indeed is a security threat, then we should probably introduce
another mount option to disable it (instead of reusing redirect_dir,
because that's so unintuitive, IMHO).

Thanks
Vivek
>
> Without giving too much thought into how unsafe it can be to follow
> a bad origin, there is very low motivation IMO to follow non-dir origin
> with redirect_dir=nofollow, because it is a configuration that prefers
> safety over correctness, so it just seems like the right thing to do.
>
> The first two patches are independent bug fixes related to read-only
> NFS export, which can be taken regardless of non-dir origin nofollow.
> FYI, I found those bugs because I am using ro,index=off NFS export
> configuration for the new overlay fsnotify snapshot series.
>
> Thanks,
> Amir.
>
> [1] https://lore.kernel.org/linux-unionfs/CAJfpegv9h7ubuGy_6K4OCdZd3R7Z4HGmCDB2L7mO5bVoGd6MSA@mail.gmail.com/
> [2] https://lore.kernel.org/linux-unionfs/20200708131613.30038-1-amir73il@gmail.com/
> [3] https://lore.kernel.org/linux-unionfs/20200709140220.GC150543@redhat.com/
>
> Amir Goldstein (3):
>   ovl: force read-only sb on failure to create index dir
>   ovl: fix mount option checks for nfs_export with no upperdir
>   ovl: do not follow non-dir origin with redirect_dir=nofollow
>
>  Documentation/filesystems/overlayfs.rst |  4 +--
>  fs/overlayfs/namei.c                    |  2 +-
>  fs/overlayfs/super.c                    | 42 ++++++++++++++-----------
>  3 files changed, 27 insertions(+), 21 deletions(-)
>
> --
> 2.17.1
>