From mboxrd@z Thu Jan 1 00:00:00 1970 From: Richard Weinberger Subject: Re: ext3 and like, mount point in module Date: Sat, 1 Aug 2015 15:27:17 +0200 Message-ID: <55BCC935.2000908@nod.at> References: Mime-Version: 1.0 Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 7bit Cc: "linux-fsdevel@vger.kernel.org" To: Tomas Bortoli Return-path: Received: from a.ns.miles-group.at ([95.130.255.143]:65275 "EHLO radon.swed.at" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750744AbbHAN1V (ORCPT ); Sat, 1 Aug 2015 09:27:21 -0400 In-Reply-To: Sender: linux-fsdevel-owner@vger.kernel.org List-ID: Am 01.08.2015 um 15:10 schrieb Tomas Bortoli: > Thanks for the clarification! > I'm trying to make a patch to slightly improve security in file system. > It consists in removing the ".." dir entry in the "/" dir of the file system mounted on the root mount point. What about chroot/namespaces/etc? :) > This could prevent an attacker from using a long series of "../../../" etc in a transversal directory attack > with unknown initial relative path to reach the root dir for sure and then move from there. > The dangerousness depends from which is the flaw > Do you think it's worth it? I'm not sure if it is worth the hassle, I bet some applications depend on that behavior. But you can give it a try, I'd insert a negative dentry for ".." if ".." is child of the current root. Thanks, //richard