Re: [PATCH v3 2/2] Protected O_CREAT open in sticky directories

2017-12-01 Thread Alan Cox
> > That's general misuse of /tmp. Things like "command > /tmp/file" > > without having pre-created the file with O_EXCL e.g. by mktemp(1). > > I'm sorry, I've been using Unix for over 30 years. > /tmp is a place that temporary files were created - nothing special. > Traditionally it was emptie

RE: [PATCH v3 2/2] Protected O_CREAT open in sticky directories

2017-12-01 Thread David Laight
From: Solar Designer > Sent: 30 November 2017 17:52 > > On Thu, Nov 30, 2017 at 04:53:06PM +, David Laight wrote: > > From: Salvatore Mesoraca > > > if a program tries to open a file, in a sticky directory, > > > with the O_CREAT flag and without the O_EXCL, it probably has a bug. > > > This f

Re: [PATCH v3 2/2] Protected O_CREAT open in sticky directories

2017-11-30 Thread Solar Designer
On Thu, Nov 30, 2017 at 04:53:06PM +, David Laight wrote: > From: Salvatore Mesoraca > > if a program tries to open a file, in a sticky directory, > > with the O_CREAT flag and without the O_EXCL, it probably has a bug. > > This feature allows to detect and potentially block programs that > > a

RE: [PATCH v3 2/2] Protected O_CREAT open in sticky directories

2017-11-30 Thread David Laight
From: Salvatore Mesoraca > Sent: 22 November 2017 08:02 > > Disallows O_CREAT open missing the O_EXCL flag, in world or > group writable directories, even if the file doesn't exist yet. > With few exceptions (e.g. shared lock files based on flock()) > if a program tries to open a file, in a sticky

Re: [kernel-hardening] Re: [PATCH v3 2/2] Protected O_CREAT open in sticky directories

2017-11-30 Thread Ian Campbell
On Thu, 2017-11-30 at 15:39 +0100, Salvatore Mesoraca wrote: > 2017-11-27 1:26 GMT+01:00 Solar Designer : > > On Fri, Nov 24, 2017 at 12:43:47PM +0100, Salvatore Mesoraca wrote: > > > 2017-11-24 11:53 GMT+01:00 David Laight > > > : > > > > From: Alan Cox > > > > > Sent: 22 November 2017 16:52 > >

Re: [PATCH v3 2/2] Protected O_CREAT open in sticky directories

2017-11-30 Thread Salvatore Mesoraca
2017-11-27 1:26 GMT+01:00 Solar Designer : > On Fri, Nov 24, 2017 at 12:43:47PM +0100, Salvatore Mesoraca wrote: > > 2017-11-24 11:53 GMT+01:00 David Laight : > > > From: Alan Cox > > >> Sent: 22 November 2017 16:52 > > >> > > >> On Wed, 22 Nov 2017 09:01:46 +0100 Salvatore Mesoraca > > >> wrote:

Re: [PATCH v3 2/2] Protected O_CREAT open in sticky directories

2017-11-26 Thread Solar Designer
On Fri, Nov 24, 2017 at 12:43:47PM +0100, Salvatore Mesoraca wrote: > 2017-11-24 11:53 GMT+01:00 David Laight : > > From: Alan Cox > >> Sent: 22 November 2017 16:52 > >> > >> On Wed, 22 Nov 2017 09:01:46 +0100 Salvatore Mesoraca > >> wrote: > >> > >> > Disallows O_CREAT open missing the O_EXCL fl

Re: [PATCH v3 2/2] Protected O_CREAT open in sticky directories

2017-11-26 Thread Salvatore Mesoraca
2017-11-24 12:53 GMT+01:00 David Laight : > From: Salvatore Mesoraca [mailto:s.mesorac...@gmail.com] >> Sent: 24 November 2017 11:44 >> >> 2017-11-24 11:53 GMT+01:00 David Laight : >> > From: Alan Cox >> >> Sent: 22 November 2017 16:52 >> >> >> >> On Wed, 22 Nov 2017 09:01:46 +0100 >> >> Salvatore

RE: [PATCH v3 2/2] Protected O_CREAT open in sticky directories

2017-11-24 Thread David Laight
From: Salvatore Mesoraca [mailto:s.mesorac...@gmail.com] > Sent: 24 November 2017 11:44 > > 2017-11-24 11:53 GMT+01:00 David Laight : > > From: Alan Cox > >> Sent: 22 November 2017 16:52 > >> > >> On Wed, 22 Nov 2017 09:01:46 +0100 > >> Salvatore Mesoraca wrote: > >> > >> > Disallows O_CREAT open

Re: [PATCH v3 2/2] Protected O_CREAT open in sticky directories

2017-11-24 Thread Salvatore Mesoraca
2017-11-24 11:53 GMT+01:00 David Laight : > From: Alan Cox >> Sent: 22 November 2017 16:52 >> >> On Wed, 22 Nov 2017 09:01:46 +0100 >> Salvatore Mesoraca wrote: >> >> > Disallows O_CREAT open missing the O_EXCL flag, in world or >> > group writable directories, even if the file doesn't exist yet.

RE: [PATCH v3 2/2] Protected O_CREAT open in sticky directories

2017-11-24 Thread David Laight
From: Alan Cox > Sent: 22 November 2017 16:52 > > On Wed, 22 Nov 2017 09:01:46 +0100 > Salvatore Mesoraca wrote: > > > Disallows O_CREAT open missing the O_EXCL flag, in world or > > group writable directories, even if the file doesn't exist yet. > > With few exceptions (e.g. shared lock files b

Re: [PATCH v3 2/2] Protected O_CREAT open in sticky directories

2017-11-24 Thread Salvatore Mesoraca
2017-11-22 17:51 GMT+01:00 Alan Cox : > On Wed, 22 Nov 2017 09:01:46 +0100 > Salvatore Mesoraca wrote: > >> Disallows O_CREAT open missing the O_EXCL flag, in world or >> group writable directories, even if the file doesn't exist yet. >> With few exceptions (e.g. shared lock files based on flock()

Re: [PATCH v3 2/2] Protected O_CREAT open in sticky directories

2017-11-24 Thread Salvatore Mesoraca
2017-11-22 14:22 GMT+01:00 Matthew Wilcox : > On Wed, Nov 22, 2017 at 09:01:46AM +0100, Salvatore Mesoraca wrote: >> +An O_CREAT open missing the O_EXCL flag in a sticky directory is, >> +often, a bug or a synthom of the fact that the program is not >> +using appropriate procedures to access sticky

Re: [PATCH v3 2/2] Protected O_CREAT open in sticky directories

2017-11-22 Thread Alan Cox
On Wed, 22 Nov 2017 09:01:46 +0100 Salvatore Mesoraca wrote: > Disallows O_CREAT open missing the O_EXCL flag, in world or > group writable directories, even if the file doesn't exist yet. > With few exceptions (e.g. shared lock files based on flock()) Enough exceptions to make it a bad idea. F

Re: [PATCH v3 2/2] Protected O_CREAT open in sticky directories

2017-11-22 Thread Matthew Wilcox
On Wed, Nov 22, 2017 at 09:01:46AM +0100, Salvatore Mesoraca wrote: > +An O_CREAT open missing the O_EXCL flag in a sticky directory is, > +often, a bug or a synthom of the fact that the program is not > +using appropriate procedures to access sticky directories. > +This protection allow to detect