From: Arseny Maslennikov
To: Alexey Gladkov
Cc: devel@lists.altlinux.org, ldv@altlinux.org
Date: Thu, 1 Oct 2020 20:44:00 +0300
Subject: Re: [devel] [PATCH hasher-priv v1 0/3] Make a daemon from the hasher-priv
Message-ID: <20201001174400.GA1037402@cello>
In-Reply-To: <20201001172111.owhjozg4pqagbtll@comp-core-i7-2640m-0182e6>

On Thu, Oct 01, 2020 at 07:21:11PM +0200, Alexey Gladkov wrote:
> On Thu, Sep 17, 2020 at 04:09:35PM +0300, Arseny Maslennikov wrote:
> > On Fri, Dec 13, 2019 at 12:42:02PM +0100, Alex Gladkov wrote:
> > > From: Alexey Gladkov
> > >
> > > The hasher-priv is a SUID utility. This is not good. Separation of the
> > > server and client parts will allow us to remove SUID flag.
> > >
> > > The separation of server and client is not intended to give clients
> > > access over the network. This separation is only necessary to distinguish
> > > privileges. Only UNIX domain socket is used.
> > >
> > > A separate session process is created for each connected user. Each such
> > > process ends after a certain period of inactivity.
> >
> > Thank you for trying this idea out; despite the trolling attempts, this
> > effort is long welcome.
>
> I created this patchset a long time ago. I've already lost my context. It
> might be better if you keep working on this patch.
>

Great! I'd like to work on this further.

> > There are some issues with the patchset, which I intend to cover in
> > subsequent emails. I have published[1] some fix-up commits on top of
> > these patches in an attempt to ensure that, barring the issues with a
> > known fix, this works; however, some bugs are definitely still unsolved
> > by now, so I decided to discuss the more apparent points first.
> >
> > [1] http://git.altlinux.org/people/arseny/packages/hasher-priv.git?a=summary
>
> It looks like you've already started working on finalizing this patch :)
>
> > There's an issue when hasher-privd tries to fulfill a chrootuid{1,2}
> > request: the (eventually) unprivileged task executor process
> > successfully invokes waitpid() or the likes on a child process,
> > select()s on I/O descriptors, but gets CHLD later — and it looks like
> > the inherited signal handler causes it to wait again.
>
> Hm...
>
> > I've not yet found a decent reproducer — the following command:
> > `hsh-shell $workdir'
>
> There is no such command. You need to send command to run /bin/sh.

Yes, there's no such IPC command, I was referring to a shell command run
in the host system by the caller user.

>
> > reproduces the issue reliably for me, but hsh-mkchroot, hsh-rmchroot,
> > hsh-install are all OK. The root cause nevertheless is not yet
> > established. It looks like this has to be patched somewhere in
> > chrootuid(), but I might be wrong on this one.
> >