Subject: Re: [PATCH net] bridge: Only call /sbin/bridge-stp for the initial network namespace
From: Richard Weinberger
To: "Eric W. Biederman", David Miller
Cc: "netdev@vger.kernel.org", "linux-kernel@vger.kernel.org", "kernel-hardening@lists.openwall.com", bridge@lists.linux-foundation.org, Stephen Hemminger, Kees Cook
Date: Mon, 30 Nov 2015 23:57:29 +0100
Message-ID: <565CD459.6010402@nod.at>
In-Reply-To: <87egf7183c.fsf_-_@x220.int.ebiederm.org>
References: <565B7F7D.80208@nod.at> <87egf7183c.fsf_-_@x220.int.ebiederm.org>

On 30.11.2015 at 22:38, Eric W. Biederman wrote:
>
> There is no defined mechanism to pass network namespace information
> into /sbin/bridge-stp therefore don't even try to invoke it except
> for bridge devices in the initial network namespace.
>
> It is possible for unprivileged users to cause /sbin/bridge-stp to be
> invoked for any network device name which if /sbin/bridge-stp does not
> guard against unreasonable arguments or being invoked twice on the same
> network device could cause problems.
>
> Signed-off-by: "Eric W. Biederman"

Just figured that /sbin/bridge-stp is a shell script.
Network interfaces can contain a lot of funny characters; maybe this is, after all, a security issue.

Thanks,
//richard
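As an added example (not code from this thread, the patch, or the kernel), a whitelist check that a shell helper in /sbin/bridge-stp's position could apply to the bridge name before touching it; it assumes the helper receives the bridge name as its first argument and "start" or "stop" as its second, which is how the bridge code invokes it, and the function names are hypothetical.

```shell
# The kernel's own interface-name check (dev_valid_name) only rejects '/', ':',
# whitespace, "." and "..", and caps the length below IFNAMSIZ (16).  Shell
# metacharacters and a leading '-' are therefore legal in a device name, so a
# helper written in sh must not trust argv[1].

# Returns 0 if the name is a plain identifier safe to pass around; 1 otherwise.
valid_ifname() {
    name=$1
    # Non-empty and at most 15 characters (IFNAMSIZ - 1).
    [ -n "$name" ] && [ "${#name}" -le 15 ] || return 1
    # First character must be alphanumeric so no tool can mistake the name
    # for an option such as "-x".
    case $name in
        [A-Za-z0-9]*) ;;
        *) return 1 ;;
    esac
    # Remaining characters restricted to [A-Za-z0-9_.-]; anything else
    # (';', '$', '`', '*', quotes, ...) is refused.
    case $name in
        *[!A-Za-z0-9_.-]*) return 1 ;;
    esac
    return 0
}

# Stand-in for the helper's entry point: validate both arguments up front.
bridge_stp_main() {
    bridge=$1
    action=$2
    if ! valid_ifname "$bridge"; then
        printf 'bridge-stp: refusing suspicious bridge name\n' >&2
        return 2
    fi
    case $action in
        start|stop) ;;
        *) printf 'bridge-stp: unknown action\n' >&2; return 2 ;;
    esac
    # From here on "$bridge" is only ever used double-quoted, never through
    # eval or an unquoted expansion.  The real STP work is omitted here.
    printf '%s %s\n' "$action" "$bridge"
    return 0
}
```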