From: [email protected]

Ola Lundqvist <[email protected]> writes:

and tools like vkill or vunify are having races.

...
You can gain access to the root-filesystem by ptrace'ing the vkill
process. Problem is, that vkill changes the context (--> visible and
ptrace'able for vserver-processes) without going into the
vserver-directory.

You have to have something that poll the process list continously to determine this?

Most 'vkill' invocations will sent a signal 15 first which can be
intercepted. So, the polling needs to be executed only once in the
SIGTERM handler and chances are high that the 'kill' process is in
your context (especially, when you create some load).

Can't you (in vkill) change vserver-directory at the same time (or
before) the context is changed?

Not possible; vkill executes

| /usr/sbin/chcontext --ctx $1 kill $PROC`;

So you would need a 'kill' binary in each vserver. This can not be
assumed and lowers reliability yet more.



Enrico


--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]

--- SoupGate-Win32 v1.05
* Origin: you cannot sedate... all the things you hate (1:229/2)

From: [email protected]

Hello again.

Sorry for bothering you so much.

I will make the following test in before any files is removed.
P=$PWD
cd -P directory
PN=$PWD
cd $P
now check if $PN is outside the vserver if it is, barf out an error
(or even better just add the VROOTDIR variable to the beginning of it).

We still have a race condition though. Especially if I use grep for checking...

If I use some bashisms it is quote easy to check though.

VROOT="$VROOTDIR/$host"
if [ "$VROOT" = ${PWD:0:${#VROOT}} ] ; then
# ok
else
echo 'VROOT owner has a nasty symlink in it!!!'
cd $VROOT/$PWD || die "Nasty symlink! That do not exist in vserver."
fi
Now do the action.

This should fix this, but the race still exist.

On Thu, Aug 19, 2004 at 11:09:04PM +0200, Enrico Scholz wrote:

Ola Lundqvist <[email protected]> writes:

and tools like vkill or vunify are having races.

...
You can gain access to the root-filesystem by ptrace'ing the vkill
process. Problem is, that vkill changes the context (--> visible and
ptrace'able for vserver-processes) without going into the
vserver-directory.

You have to have something that poll the process list continously to determine this?

Most 'vkill' invocations will sent a signal 15 first which can be intercepted. So, the polling needs to be executed only once in the
SIGTERM handler and chances are high that the 'kill' process is in
your context (especially, when you create some load).

Ok I get the point.

Can't you (in vkill) change vserver-directory at the same time (or
before) the context is changed?

Not possible; vkill executes

Can't you chroot a process from within the c-code?

| /usr/sbin/chcontext --ctx $1 kill $PROC`;

So you would need a 'kill' binary in each vserver. This can not be
assumed and lowers reliability yet more.

Yes that is much worse.

Well maybe we just have to live with these security issues until
alpha is not that alpha.

Regards,

// Ola

Enrico

--
--------------------- Ola Lundqvist ---------------------------
/ [email protected] Annebergsslingan 37 \
| [email protected] 654 65 KARLSTAD |
| +46 (0)54-10 14 30 +46 (0)70-332 1551 |
| http://www.opal.dhs.org UIN/icq: 4912500 |
\ gpg/f.p.: 7090 A92B 18FE 7994 0C36 4FE4 18A1 B1CF 0FE5 3DD9 /
---------------------------------------------------------------


--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]

--- SoupGate-Win32 v1.05
* Origin: you cannot sedate... all the things you hate (1:229/2)

From: [email protected]

Hello

I am (as you might know) the maintainer of util-vserver in
Debian.

I have got a request to include vproc in the stable version
in order to make it work with 2.6 kernels.

See: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=258038
I have recently also brought it up on the vserver mailinglist,
starting on:
http://list.linux-vserver.org/archive/vserver/msg07654.html
List is at: http://list.linux-vserver.org/archive/vserver/

What I want to know is what tools that is "safe" in incorporate
in the very soon to be released stable Debian distribution.

As I understand from Herbert all I need to add is the
setattr command from the unstable branch. Is that right?

I think you can clear out my thoughts on this. :)

Regards,

// Ola

PS. If you are interested in the other bugs, see: http://bugs.debian.org/util-vserver
DS.

--
--------------------- Ola Lundqvist ---------------------------
/ [email protected] Annebergsslingan 37 \
| [email protected] 654 65 KARLSTAD |
| +46 (0)54-10 14 30 +46 (0)70-332 1551 |
| http://www.opal.dhs.org UIN/icq: 4912500 |
\ gpg/f.p.: 7090 A92B 18FE 7994 0C36 4FE4 18A1 B1CF 0FE5 3DD9 /
---------------------------------------------------------------


--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]

--- SoupGate-Win32 v1.05
* Origin: you cannot sedate... all the things you hate (1:229/2)

From: [email protected]

Hi Ola,

you're sure this is for me (was meant to go to bugs.d.o)?

Am Mi, den 18.08.2004 schrieb Ola Lundqvist um 10:09:

Hello

I am (as you might know) the maintainer of util-vserver in
Debian.

I have got a request to include vproc in the stable version
in order to make it work with 2.6 kernels.

See: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=258038
I have recently also brought it up on the vserver mailinglist,
starting on:
http://list.linux-vserver.org/archive/vserver/msg07654.html
List is at: http://list.linux-vserver.org/archive/vserver/

What I want to know is what tools that is "safe" in incorporate
in the very soon to be released stable Debian distribution.

As I understand from Herbert all I need to add is the
setattr command from the unstable branch. Is that right?

I think you can clear out my thoughts on this. :)

Regards,

// Ola

PS. If you are interested in the other bugs, see: http://bugs.debian.org/util-vserver
DS.

--
Best regards,
Kilian

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)

iD8DBQBBIxXqvdkzt4X+wX8RAtSXAJ9zqenCIN8guxEFKUh4tNmWvqcI4gCdFfak 2h8+60iaaN10JswfewZ8Rjs=
=9xrR
-----END PGP SIGNATURE-----

--- SoupGate-Win32 v1.05
* Origin: you cannot sedate... all the things you hate (1:229/2)

From: [email protected]

Hello

Must have had the wrong email in my cutbuffer. :)

Regards,

// Ola

On Wed, Aug 18, 2004 at 10:40:10AM +0200, Kilian Krause wrote:

Hi Ola,

you're sure this is for me (was meant to go to bugs.d.o)?

Am Mi, den 18.08.2004 schrieb Ola Lundqvist um 10:09:

Hello

I am (as you might know) the maintainer of util-vserver in
Debian.

I have got a request to include vproc in the stable version
in order to make it work with 2.6 kernels.

See: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=258038
I have recently also brought it up on the vserver mailinglist,
starting on:
http://list.linux-vserver.org/archive/vserver/msg07654.html
List is at: http://list.linux-vserver.org/archive/vserver/

What I want to know is what tools that is "safe" in incorporate
in the very soon to be released stable Debian distribution.

As I understand from Herbert all I need to add is the
setattr command from the unstable branch. Is that right?

I think you can clear out my thoughts on this. :)

Regards,

// Ola

PS. If you are interested in the other bugs, see: http://bugs.debian.org/util-vserver
DS.

--
Best regards,
Kilian

--
--------------------- Ola Lundqvist ---------------------------
/ [email protected] Annebergsslingan 37 \
| [email protected] 654 65 KARLSTAD |
| +46 (0)54-10 14 30 +46 (0)70-332 1551 |
| http://www.opal.dhs.org UIN/icq: 4912500 |
\ gpg/f.p.: 7090 A92B 18FE 7994 0C36 4FE4 18A1 B1CF 0FE5 3DD9 /
---------------------------------------------------------------


--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]

--- SoupGate-Win32 v1.05
* Origin: you cannot sedate... all the things you hate (1:229/2)

From: [email protected]

Hello Enrico

I am (as you might know) the maintainer of util-vserver in
Debian.

I have got a request to include vproc in the stable version
in order to make it work with 2.6 kernels.

See: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=258038
I have recently also brought it up on the vserver mailinglist,
starting on:
http://list.linux-vserver.org/archive/vserver/msg07654.html
List is at: http://list.linux-vserver.org/archive/vserver/

What I want to know is what tools that is "safe" in incorporate
in the very soon to be released stable Debian distribution.

As I understand from Herbert all I need to add is the
setattr command from the unstable branch. Is that right?

I think you can clear out my thoughts on this. :)

Regards,

// Ola

PS. If you are interested in the other bugs, see: http://bugs.debian.org/util-vserver
DS.

--
--------------------- Ola Lundqvist ---------------------------
/ [email protected] Annebergsslingan 37 \
| [email protected] 654 65 KARLSTAD |
| +46 (0)54-10 14 30 +46 (0)70-332 1551 |
| http://www.opal.dhs.org UIN/icq: 4912500 |
\ gpg/f.p.: 7090 A92B 18FE 7994 0C36 4FE4 18A1 B1CF 0FE5 3DD9 /
---------------------------------------------------------------


--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]

--- SoupGate-Win32 v1.05
* Origin: you cannot sedate... all the things you hate (1:229/2)