Menu
▾
▴
[Linux-ima-devel] xattr validation in IMA
|
From: Jan K. <ja...@su...> - 2014-10-22 09:02:37
|
Hello, Coverity made me look into how IMA handles xattrs and it appears that it just blindly believes that whatever userspace passes as security.ima xattr has a format of evm_ima_xattr_data. However that isn't necessarily true (you can even be passed NULL as xattr_value which will oops immediately). It isn't a security issue AFAICS since you allow only CAP_SYS_ADMIN processes to manipulate with the xattr but still it is a very bad practice to allow userspace to screw kernel like that... Honza -- Jan Kara <ja...@su...> SUSE Labs, CR |
