[devel] [PATCH hasher-priv v1 0/3] Make a daemon from the hasher-priv

Alexey Gladkov legion на altlinux.ru
Чт Окт 1 23:01:29 MSK 2020


On Thu, Oct 01, 2020 at 08:44:00PM +0300, Arseny Maslennikov wrote:
> On Thu, Oct 01, 2020 at 07:21:11PM +0200, Alexey Gladkov wrote:
> > On Thu, Sep 17, 2020 at 04:09:35PM +0300, Arseny Maslennikov wrote:
> > > On Fri, Dec 13, 2019 at 12:42:02PM +0100, Alex Gladkov wrote:
> > > > From: Alexey Gladkov <legion на altlinux.org>
> > > > 
> > > > The hasher-priv is a SUID utility. This is not good. Separation of the
> > > > server and client parts will allow us to remove SUID flag.
> > > > 
> > > > The separation of server and client is not intended to give clients
> > > > access over the network. This separation is only necessary to distinguish
> > > > privileges. Only UNIX domain socket is used.
> > > > 
> > > > A separate session process is created for each connected user. Each such
> > > > process ends after a certain period of inactivity.
> > > 
> > > Thank you for trying this idea out; despite the trolling attempts, this
> > > effort is long welcome.
> > 
> > I created this patchset a long time ago. I've already lost my context. It
> > might be better if you keep working on this patch.
> > 
> 
> Great! I'd like to work on this further.

You have asked many questions. I didn’t answer everything because these
patches are already 5 years old and I can hardly remember what I had in my
head when I did them. Submitting patches to the mailing list was the
second attempt to upstream them. Actually, I was afraid of losing them
altogether, so I merged some of the patches. Originally I had about 10
patches in a patchset.

I'm not sure if I have time for this rework. But we can try. We can
discuss the hasher-privd in russian if you like :)

> > > There are some issues with the patchset, which I intend to cover in
> > > subsequent emails. I have published[1] some fix-up commits on top of
> > > these patches in an attempt to ensure that, barring the issues with a
> > > known fix, this works; however, some bugs are definitely still unsolved
> > > by now, so I decided to discuss the more apparent points first.
> > > 
> > > [1] http://git.altlinux.org/people/arseny/packages/hasher-priv.git?a=summary
> > 
> > It looks like you've already started working on finalizing this patch :)
> > 
> > > There's an issue when hasher-privd tries to fulfill a chrootuid{1,2}
> > > request: the (eventually) unprivileged task executor process
> > > successfully invokes waitpid() or the likes on a child process,
> > > select()s on I/O descriptors, but gets CHLD later — and it looks like
> > > the inherited signal handler causes it to wait again.
> > 
> > Hm...
> > 
> > > I've not yet found a decent reproducer — the following command:
> > > `hsh-shell $workdir'
> > 
> > There is no such command. You need to send command to run /bin/sh.
> 
> Yes, there's no such IPC command, I was referring to a shell command run
> in the host system by the caller user.
> 
> > 
> > > reproduces the issue reliably for me, but hsh-mkchroot, hsh-rmchroot,
> > > hsh-install are all OK. The root cause nevertheless is not yet
> > > established. It looks like this has to be patched somewhere in
> > > chrootuid(), but I might be wrong on this one.
> > > 



-- 
Rgrds, legion

----------- следующая часть -----------
Было удалено вложение не в текстовом формате...
Имя     : signature.asc
Тип     : application/pgp-signature
Размер  : 195 байтов
Описание: отсутствует
Url     : <http://lists.altlinux.org/pipermail/devel/attachments/20201001/42de664e/attachment.bin>


Подробная информация о списке рассылки Devel