[Bug 484786] [NEW] Too easy to circumvent AppArmor using btrfs snapshots
John Dong
jdong at johndong.com
Wed Nov 18 14:32:08 UTC 2009
Public bug reported:
Binary package hint: apparmor
I just realized that the btrfs snapshotting ioctl is usable by all
users, not root as I previously assumed. This makes it concerningly easy
for users on btrfs to defeat a path-based MAC framework like AppArmor.
For example, consider the gdm-guest-session user. If I log into a gdm-guest-session on btrfs:
(1) ls /home ==> Permission denied as expected, by AppArmor.
(2) cd /tmp
(3) btrfsctl -s test / (Make a snapshot of / in /tmp called test)
(4) cd /tmp/test
(5) Profit! Apparmor-unrestricted mirror of / in /tmp/test!
As btrfs inevitably will become a mainstream filesystem, it's a good time to begin thinking about how to handle this situation.
** Affects: apparmor (Ubuntu)
Importance: Undecided
Status: New
--
Too easy to circumvent AppArmor using btrfs snapshots
https://bugs.launchpad.net/bugs/484786
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs at lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
More information about the universe-bugs
mailing list