CVE-2013-6456: Avoid unsafe use of /proc/$PID/root in LXC shutdown/reboot code
author Eric Blake <eblake@redhat.com>
Tue, 24 Dec 2013 05:55:51 +0000 (22:55 -0700)
committer Daniel P. Berrange <berrange@redhat.com>
Tue, 18 Feb 2014 17:07:52 +0000 (17:07 +0000)
commit bd9ec4506e29a9ce682961eee99d0326ed64145d
tree a6d9d55c4571b6e3c6bea3e5f585e49dc5cfbc4d
parent 534efa4e08c6dc61c3373bd84b7f6d7935acb7b3

Use helper virProcessRunInMountNamespace in lxcDomainShutdownFlags and
lxcDomainReboot.  Otherwise, a malicious guest could use symlinks
to force the host to manipulate the wrong file in the host's namespace.

Idea by Dan Berrange, based on an initial report by Reco
<recoverym4n@gmail.com> at
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=732394

Signed-off-by: Eric Blake <eblake@redhat.com>
(cherry picked from commit aebbcdd33c8c18891f0bdbbf8924599a28152c9c)

Conflicts:
src/lxc/lxc_driver.c: OOM error reporting changes
src/util/virinitctl.c: OOM error reporting changes
src/lxc/lxc_driver.c
src/util/virinitctl.c
src/util/virinitctl.h
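
The path-resolution problem the commit message describes, as an added example that is not part of the commit or of libvirt: a host process that opens a guest path through a prefix such as /proc/$PID/root follows an absolute symlink against the host's own root. The temporary directory stands in for /proc/$PID/root, and the function names and file names are constructed for illustration.

```c
#define _XOPEN_SOURCE 700
#include <fcntl.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* 1 if host-side resolution of root/rel leaves root, 0 if not, -1 on error. */
int host_resolution_escapes(const char *root, const char *rel)
{
    char real_root[PATH_MAX], joined[2 * PATH_MAX], resolved[PATH_MAX];
    size_t n;
    if (!realpath(root, real_root))
        return -1;
    snprintf(joined, sizeof(joined), "%s/%s", real_root, rel);
    if (!realpath(joined, resolved))   /* symlinks followed from the host's root */
        return -1;
    n = strlen(real_root);
    return !(strncmp(resolved, real_root, n) == 0 &&
             (resolved[n] == '/' || resolved[n] == '\0'));
}

/* Constructed stand-in for /proc/$PID/root: a temp dir whose dev/initctl is
 * a regular file (0) or a guest-planted absolute symlink (1). */
int demo_case(int guest_plants_symlink)
{
    char root[] = "/tmp/guestroot.XXXXXX", host[] = "/tmp/hostfile.XXXXXX";
    char dev[PATH_MAX], ctl[PATH_MAX];
    int fd, rc, result;

    if (!mkdtemp(root) || (fd = mkstemp(host)) < 0)
        return -1;
    close(fd);
    snprintf(dev, sizeof(dev), "%s/dev", root);
    snprintf(ctl, sizeof(ctl), "%s/dev/initctl", root);
    if (mkdir(dev, 0700) < 0)
        return -1;
    if (guest_plants_symlink)
        rc = symlink(host, ctl);          /* absolute target on the "host" */
    else
        rc = (fd = creat(ctl, 0600)) < 0 ? -1 : close(fd);
    result = rc < 0 ? -1 : host_resolution_escapes(root, "dev/initctl");
    unlink(ctl); rmdir(dev); rmdir(root); unlink(host);
    return result;
}

int main(void) { printf("%d %d\n", demo_case(0), demo_case(1)); return 0; }
```

A check of this kind only shows where the host ends up; as a defence it would race with the guest changing the link, which is why the commit runs the operation inside the guest's mount namespace via virProcessRunInMountNamespace instead.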