touch-packages team mailing list archive

Thread
Date

[Bug 484786] Re: Better support for btrfs snapshots

To: touch-packages@xxxxxxxxxxxxxxxxxxx
From: Jamie Strandboge <jamie@xxxxxxxxxx>
Date: Thu, 23 Oct 2014 14:35:46 -0000
Reply-to: Bug 484786 <484786@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

** Changed in: apparmor (Ubuntu)
   Importance: Low => Medium

** Changed in: apparmor (Ubuntu)
       Status: Confirmed => Triaged

** Also affects: linux (Ubuntu)
   Importance: Undecided
       Status: New

** Changed in: linux (Ubuntu)
       Status: New => Triaged

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/484786

Title:
  Better support for btrfs snapshots

Status in AppArmor Linux application security framework:
  Triaged
Status in “apparmor” package in Ubuntu:
  Triaged
Status in “linux” package in Ubuntu:
  Triaged

Bug description:
  Binary package hint: apparmor

  I just realized that the btrfs snapshotting ioctl is usable by all
  users, not root as I previously assumed. This makes it concerningly
  easy for users on btrfs to defeat a path-based MAC framework like
  AppArmor.

  
  For example, consider the gdm-guest-session user. If I log into a gdm-guest-session on btrfs:

  
  (1) ls /home ==> Permission denied as expected, by AppArmor.

  
  (2) cd /tmp

  (3) btrfsctl -s test / (Make a snapshot of / in /tmp called test)

  (4) cd /tmp/test

  (5) Profit! Apparmor-unrestricted mirror of / in /tmp/test!

  
  As btrfs inevitably will become a mainstream filesystem, it's a good time to begin thinking about how to handle this situation.

To manage notifications about this bug go to:
https://bugs.launchpad.net/apparmor/+bug/484786/+subscriptions