From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <legion@altlinux.ru>
X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on
 sa.local.altlinux.org
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00
 autolearn=unavailable autolearn_force=no version=3.4.1
Date: Thu, 1 Oct 2020 22:01:29 +0200
From: Alexey Gladkov <legion@altlinux.ru>
To: Arseny Maslennikov <arseny@altlinux.org>
Message-ID: <20201001200129.x6z5whtbuhpxjr2v@comp-core-i7-2640m-0182e6>
References: <cover.1576183643.git.legion@altlinux.org>
 <20200917130935.GA286846@cello>
 <20201001172111.owhjozg4pqagbtll@comp-core-i7-2640m-0182e6>
 <20201001174400.GA1037402@cello>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
 protocol="application/pgp-signature"; boundary="ydj5ikbw3qozqpca"
Content-Disposition: inline
In-Reply-To: <20201001174400.GA1037402@cello>
Cc: devel@lists.altlinux.org, ldv@altlinux.org
Subject: Re: [devel] [PATCH hasher-priv v1 0/3] Make a daemon from the
 hasher-priv
X-BeenThere: devel@lists.altlinux.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: ALT Linux Team development discussions <devel@lists.altlinux.org>
List-Id: ALT Linux Team development discussions <devel.lists.altlinux.org>
List-Unsubscribe: <https://lists.altlinux.org/mailman/options/devel>,
 <mailto:devel-request@lists.altlinux.org?subject=unsubscribe>
List-Archive: <http://lists.altlinux.org/pipermail/devel>
List-Post: <mailto:devel@lists.altlinux.org>
List-Help: <mailto:devel-request@lists.altlinux.org?subject=help>
List-Subscribe: <https://lists.altlinux.org/mailman/listinfo/devel>,
 <mailto:devel-request@lists.altlinux.org?subject=subscribe>
X-List-Received-Date: Thu, 01 Oct 2020 20:01:38 -0000
Archived-At: <http://lore.altlinux.org/devel/20201001200129.x6z5whtbuhpxjr2v@comp-core-i7-2640m-0182e6/>
List-Archive: <http://lore.altlinux.org/devel/>
List-Post: <mailto:devel@altlinux.org>


--ydj5ikbw3qozqpca
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Thu, Oct 01, 2020 at 08:44:00PM +0300, Arseny Maslennikov wrote:
> On Thu, Oct 01, 2020 at 07:21:11PM +0200, Alexey Gladkov wrote:
> > On Thu, Sep 17, 2020 at 04:09:35PM +0300, Arseny Maslennikov wrote:
> > > On Fri, Dec 13, 2019 at 12:42:02PM +0100, Alex Gladkov wrote:
> > > > From: Alexey Gladkov <legion@altlinux.org>
> > > >=20
> > > > The hasher-priv is a SUID utility. This is not good. Separation of =
the
> > > > server and client parts will allow us to remove SUID flag.
> > > >=20
> > > > The separation of server and client is not intended to give clients
> > > > access over the network. This separation is only necessary to disti=
nguish
> > > > privileges. Only UNIX domain socket is used.
> > > >=20
> > > > A separate session process is created for each connected user. Each=
 such
> > > > process ends after a certain period of inactivity.
> > >=20
> > > Thank you for trying this idea out; despite the trolling attempts, th=
is
> > > effort is long welcome.
> >=20
> > I created this patchset a long time ago. I've already lost my context. =
It
> > might be better if you keep working on this patch.
> >=20
>=20
> Great! I'd like to work on this further.

You have asked many questions. I didn=E2=80=99t answer everything because t=
hese
patches are already 5 years old and I can hardly remember what I had in my
head when I did them. Submitting patches to the mailing list was the
second attempt to upstream them. Actually, I was afraid of losing them
altogether, so I merged some of the patches. Originally I had about 10
patches in a patchset.

I'm not sure if I have time for this rework. But we can try. We can
discuss the hasher-privd in russian if you like :)

> > > There are some issues with the patchset, which I intend to cover in
> > > subsequent emails. I have published[1] some fix-up commits on top of
> > > these patches in an attempt to ensure that, barring the issues with a
> > > known fix, this works; however, some bugs are definitely still unsolv=
ed
> > > by now, so I decided to discuss the more apparent points first.
> > >=20
> > > [1] http://git.altlinux.org/people/arseny/packages/hasher-priv.git?a=
=3Dsummary
> >=20
> > It looks like you've already started working on finalizing this patch :)
> >=20
> > > There's an issue when hasher-privd tries to fulfill a chrootuid{1,2}
> > > request: the (eventually) unprivileged task executor process
> > > successfully invokes waitpid() or the likes on a child process,
> > > select()s on I/O descriptors, but gets CHLD later =E2=80=94 and it lo=
oks like
> > > the inherited signal handler causes it to wait again.
> >=20
> > Hm...
> >=20
> > > I've not yet found a decent reproducer =E2=80=94 the following comman=
d:
> > > `hsh-shell $workdir'
> >=20
> > There is no such command. You need to send command to run /bin/sh.
>=20
> Yes, there's no such IPC command, I was referring to a shell command run
> in the host system by the caller user.
>=20
> >=20
> > > reproduces the issue reliably for me, but hsh-mkchroot, hsh-rmchroot,
> > > hsh-install are all OK. The root cause nevertheless is not yet
> > > established. It looks like this has to be patched somewhere in
> > > chrootuid(), but I might be wrong on this one.
> > >=20



--=20
Rgrds, legion


--ydj5ikbw3qozqpca
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iF0EABECAB0WIQSuzIk+w2aWgaEZLHKOFEXcaOMeVAUCX3Y1mAAKCRCOFEXcaOMe
VIt+AJ95lJoMD8I3K7drblkSltHCDmJl5wCfc02xt15gkhalkeQVnxJ1W6efw0k=
=z2Mb
-----END PGP SIGNATURE-----

--ydj5ikbw3qozqpca--