Bug#777649: cgmanager security update for jessie
Control: tags -1 moreinfo
On 2015-02-11 05:36, Serge Hallyn wrote:
> Package: release.debian.org
> Usertags: jessie-pu
>
> A security issue was found in cgmanager, allowing root-owned privileged
> containers to fully administer cgroups on the host. Two other issues
> were found which allow cgmanager to be crashed by unprivileged users.
> These have all been fixed in sid. The debdiff below, against the current
> jessie package, fixes them for jessie.
>
> debdiff:
>
> [...]
> +
> ++ // Make sure target cgroup is under proxy's
> ++ int plen = strlen(pcgpath);
> ++ if (strncmp(pcgpath, path, plen) != 0) {
> ++ nih_error("%s: target cgroup is not below r (%d)'s", __func__,
> ++ r.pid);
> ++ return -1;
> ++ }
> ++
> [...]
Hi,
Is this truly a sufficient test? The above only tests that pcgpath is a
prefix of path. I do not know exactly what these paths are, so I have
to ask.
Consider:
pcgpath = "root"
pcpgpath = "root-acually-not-really"
plen = strlen(pcgpath) (= 4)
So if only the first plen characters match, they will be considered
equal. If you know, cases like this cannot happen, then it is fine. I
just wanted to double check.
Thanks,
~Niels
Reply to: