From: Bodo Eggert <7eggert@elstempel.de>
To: Ingo Molnar <mingo@elte.hu>, Jeff Dike <jdike@addtoit.com>,
Andrea Arcangeli <andrea@suse.de>, Andi Kleen <ak@suse.de>,
Alan Cox <alan@lxorguk.ukuu.org.uk>,
Arjan van de Ven <arjan@infradead.org>,
Adrian Bunk <bunk@stusta.de>, Andrew Morton <akpm@osdl.org>,
Lee Revell <rlrevell@joe-job.com>,
linux-kernel@vger.kernel.org, Alan Cox <alan@redhat.com>,
Linus Torvalds <torvalds@osdl.org>
Subject: Re: [patch] let CONFIG_SECCOMP default to n
Date: Mon, 17 Jul 2006 13:37:44 +0200
Message-ID: <E1G2RQL-0000tG-Gb@be1.lrz>
In-Reply-To: 6y7RK-7TX-9@gated-at.bofh.it

Ingo Molnar <mingo@elte.hu> wrote:
> * Jeff Dike <jdike@addtoit.com> wrote:
>> Now, there were a couple of ways to legitimately escape from UML, and
>> they *did* involve ptrace. Things like single-stepping a system call
>> instruction or putting a breakpoint on a system call instruction and
>> single-stepping from the breakpoint. As far as I know, these were
>> discovered and fixed by UML developers before there was any outside
>> awareness of these bugs.
>
> also, UML 'ptrace clients' are allowed a lot more leeway than what a
> seccomp-alike ptrace/utrace based syscall filter would allow. It would
> clearly exclude activities like 'setting a breakpoint' or
> 'single-stepping' - valid syscalls would be limited to
> read/write/sigreturn/exit.
So instead of breakpointing (using int3), you'd have to write
'mv flag I_AM_HERE;self:jmp self' and resort to polling?
This would not prevent (ab)use except for some corner cases.
--
I thank GMX for sabotaging the use of my addresses by means of lies
spread via SPF.
http://david.woodhou.se/why-not-spf.html
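
Added example, not part of the original message or of the kernel patch under discussion: the read/write/sigreturn/exit allow-list mentioned in the quoted text, shown with the kernel's own seccomp strict mode on Linux. It assumes the `prctl(PR_SET_SECCOMP, SECCOMP_MODE_STRICT)` interface of current kernels; the function name `run_in_strict_seccomp` is hypothetical.

```c
/* Added example: observing seccomp strict mode from a parent process. */
#include <linux/seccomp.h>
#include <signal.h>
#include <stdio.h>
#include <sys/prctl.h>
#include <sys/syscall.h>
#include <sys/wait.h>
#include <unistd.h>

/*
 * Fork a child, put it into strict mode, let it write() one byte and
 * optionally make one syscall outside the allow-list (getpid).
 * Returns the signal that terminated the child, 0 if it exited cleanly,
 * or a negative value if setup failed.
 */
int run_in_strict_seccomp(int make_forbidden_call)
{
    int fds[2];
    if (pipe(fds) != 0)
        return -1;
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        close(fds[0]);
        if (prctl(PR_SET_SECCOMP, SECCOMP_MODE_STRICT) != 0)
            _exit(2);                /* not confined yet, exit_group is fine */
        if (write(fds[1], "k", 1) != 1)   /* write is on the allow-list */
            syscall(SYS_exit, 1);
        if (make_forbidden_call)
            syscall(SYS_getpid);     /* off the list: kernel sends SIGKILL */
        syscall(SYS_exit, 0);        /* plain exit; exit_group would be killed */
        return -1;                   /* not reached */
    }
    close(fds[1]);
    char c = 0;
    ssize_t n = read(fds[0], &c, 1);
    close(fds[0]);
    int status = 0;
    if (waitpid(pid, &status, 0) != pid)
        return -1;
    if (n != 1 || c != 'k')
        return -2;                   /* child never reached the write */
    if (WIFSIGNALED(status))
        return WTERMSIG(status);
    return WEXITSTATUS(status) == 0 ? 0 : -3;
}

int main(void)
{
    printf("allowed calls only: %d\n", run_in_strict_seccomp(0));
    printf("with getpid:        %d\n", run_in_strict_seccomp(1));
    return 0;
}
```

The filter acts only on system calls; code that spins on a memory location, as in the reply above, never enters the kernel and is not visible to it.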