From mboxrd@z Thu Jan 1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:45237)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from )
	id 1VzBIr-0000X8-F4
	for qemu-devel@nongnu.org; Fri, 03 Jan 2014 15:25:17 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from )
	id 1VzBIj-0004On-1a
	for qemu-devel@nongnu.org; Fri, 03 Jan 2014 15:25:09 -0500
Received: from mail-ea0-x22a.google.com ([2a00:1450:4013:c01::22a]:48292)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from )
	id 1VzBIi-0004Oi-Qg
	for qemu-devel@nongnu.org; Fri, 03 Jan 2014 15:25:00 -0500
Received: by mail-ea0-f170.google.com with SMTP id k10so6877222eaj.15
	for ; Fri, 03 Jan 2014 12:25:00 -0800 (PST)
Sender: Paolo Bonzini
Message-ID: <52C71C99.8010401@redhat.com>
Date: Fri, 03 Jan 2014 21:24:57 +0100
From: Paolo Bonzini
MIME-Version: 1.0
References: <20140103195827.7268.69658.stgit@localhost>
In-Reply-To: <20140103195827.7268.69658.stgit@localhost>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
Subject: Re: [Qemu-devel] [PATCH] seccomp: add mkdir() and fchmod() to the whitelist
To: Paul Moore
Cc: qemu-devel@nongnu.org, otubo@linux.vnet.ibm.com

On 03/01/2014 20:58, Paul Moore wrote:
> The PulseAudio library attempts to do a mkdir(2) and fchmod(2) on
> "/run/user//pulse" which is currently blocked by the syscall
> filter; this patch adds the two missing syscalls to the whitelist.
> You can reproduce this problem with the following command:
>
>  # qemu -monitor stdio -device intel-hda -device hda-duplex
>
> If watched under strace the following syscalls are shown:
>
>  mkdir("/run/user/0/pulse", 0700)
>  fchmod(11, 0700) [NOTE: 11 is the fd for /run/user/0/pulse]

Can fchmod be exploited to violate the sandbox (e.g. to let data escape
from a VM that ought not to have any way to communicate with the outside
world)?

Paolo
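
The triage step described in the quoted commit message (trace the process, then see which syscalls the filter lacks), as an added example that is not part of the thread or of QEMU's code: it diffs strace output against a syscall allowlist and keeps each call's arguments for review. The allowlist and the trace are constructed for illustration; only the mkdir and fchmod calls come from the message.

```python
import re

# Constructed allowlist for illustration; NOT QEMU's actual seccomp whitelist.
ALLOWLIST = {"openat", "read", "close", "futex", "exit_group"}

# Constructed `strace -f` output. Only the mkdir and fchmod calls are taken
# from the message above; pids, other calls and return values are made up.
SAMPLE_TRACE = """\
4242 openat(AT_FDCWD, "/etc/pulse/client.conf", O_RDONLY|O_CLOEXEC) = 9
4242 read(9, "", 4096) = 0
4242 close(9) = 0
4242 mkdir("/run/user/0/pulse", 0700) = 0
4243 futex(0x7f00deadbeef, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
4242 openat(AT_FDCWD, "/run/user/0/pulse", O_RDONLY|O_DIRECTORY) = 11
4242 fchmod(11, 0700) = 0
4243 <... futex resumed>) = 0
4242 --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED} ---
4242 exit_group(0) = ?
4242 +++ exited with 0 +++
"""

# A syscall entry line: optional pid prefix ("4242 " or "[pid 4242] "),
# then the syscall name and "(". Signal lines ("---"), exit lines ("+++")
# and "<... name resumed>" continuations do not match and are skipped, so a
# call split across unfinished/resumed lines is counted once.
CALL_RE = re.compile(r"^(?:\[pid\s+\d+\]\s+|\d+\s+)?([a-z_][a-z0-9_]*)\((.*)$")


def missing_syscalls(trace, allowlist):
    """Map each traced syscall absent from allowlist to the calls seen.

    The full call text is kept so a reviewer can see which arguments each
    new rule would have to permit before widening the filter.
    """
    missing = {}
    for line in trace.splitlines():
        m = CALL_RE.match(line.strip())
        if m and m.group(1) not in allowlist:
            missing.setdefault(m.group(1), []).append(f"{m.group(1)}({m.group(2)}")
    return missing


if __name__ == "__main__":
    for name, calls in sorted(missing_syscalls(SAMPLE_TRACE, ALLOWLIST).items()):
        print(f"{name}: not in allowlist, {len(calls)} call(s)")
        for call in calls:
            print(f"    {call}")
```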