|
|
Subscribe / Log in / New account

Local root vulnerability in snap-confine

Local root vulnerability in snap-confine

Posted Feb 17, 2022 20:28 UTC (Thu) by Cyberax (✭ supporter ✭, #52523)
In reply to: Local root vulnerability in snap-confine by jra
Parent article: Local root vulnerability in snap-confine

> Yes, the symlink problem isn't the only one. But vulnerabilities around hardlink and mount are so rare they are worth note.
But they're not!

Any way that can mutate the filesystem structure causes exactly the same problem, and this most definitely includes mounts/overlays. And overlays are becoming critical for containers that we would want to launch without admin permissions.

So mutability of the filesystem is not going away and apps will have to deal with it, symlinks or not.

> I agree the POSIX filesystem API is a horrible mess, but it's symlinks that have made it so.
Not really? It's mostly the lack of handle-based interfaces that is the issue, both for filesystem APIs and for the process/signals API.

to post comments

Local root vulnerability in snap-confine

Posted Feb 18, 2022 20:41 UTC (Fri) by developer122 (guest, #152928) [Link]

Side question: would it have done anything if it was originally required that the user have permissions for the destination if they wished to create a simlink? Is this feasible? (invalid symlinks might be a tricky edgecase, especially if they're not invalidated when their target is removed)


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds