7106a19458
ldd.1: Add a little more detail on why ldd is unsafe with untrusted executables
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-07-05 12:44:39 +02:00
0fa34fb396
utimensat.2: Note that the glibc wrapper disallows pathname==NULL
...
Reported-by: Rob Landley <rob@landley.net>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-07-02 11:25:51 +02:00
2389c1e3c1
utimensat.2: Minor fix: reorder some text in NOTES
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-07-02 11:20:42 +02:00
f69c2584a9
getpriority.2: Make discussion of RLIMIT_NICE more prominent
...
The discussion of RLIMIT_NICE was hidden under the EPERM error,
where it was difficult to find. Place some relevant text in
DESCRIPTION.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-07-02 00:45:20 +02:00
b8bc577b89
getpriority.2: Clarify equivalence between lower nice value and higher priority
...
Reported-by: Robin Kuzmin <kuzmin.robin@gmail.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-07-02 00:36:43 +02:00
653c1fe2e2
getpriority.2: Note that getpriority()/setpriority deal with same attribute as nice(2)
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-07-02 00:32:32 +02:00
659cc17f4f
setfsgid.2, setfsuid.2: Note which glibc version stopped checking for truncation of the argument
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-07-02 00:15:24 +02:00
dc439d82cb
setfsgid.2, setfsuid.2: Move glibc wrapper notes to "C library/kernel differences" subsection
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-07-02 00:13:05 +02:00
de61071a21
setfsgid.2, setfsuid.2: Fix note about errors from the syscall wrapper
...
See sysdeps/unix/sysv/linux/i386/setfsuid.c in glibc-2.2.1.
(This code is not present in modern glibc anymore.)
Signed-off-by: Jann Horn <jannh@google.com>
2016-07-02 00:09:30 +02:00
658a3012f8
bootparam.7: tfix
...
Signed-off-by: Jakub Wilk <jwilk@jwilk.net>
2016-07-01 20:57:31 +02:00
999d535dde
dir_colors.5: tfix
...
Signed-off-by: Jakub Wilk <jwilk@jwilk.net>
2016-07-01 20:56:47 +02:00
48235a56f3
syscalls.2: tfix
...
Signed-off-by: Jakub Wilk <jwilk@jwilk.net>
2016-07-01 20:56:11 +02:00
e203673ac7
unshare.2: Add reference to mount_namespaces(7) under CLONE_NEWNS description
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-30 06:08:32 +02:00
c212248c77
clone.2: Add reference to mount_namespaces(7) under CLONE_NEWNS description
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-30 06:08:32 +02:00
39b3f0058e
clone.2: tfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-30 06:08:32 +02:00
b7b798454a
mount.2: Refer reader to mount_namespaces(7) for details on propagation types
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-30 06:08:32 +02:00
f481726d64
mount_namespaces.7: Minor fixes
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-30 06:08:32 +02:00
e210919644
mount_namespaces.7: Describe "dominant peer group" and "propagate_from" mountinfo tag
...
Reported-by: Miklos Szeredi <mszeredi@redhat.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-30 06:08:32 +02:00
966b583993
proc.5: Move shared subtree /proc/PID/mountinfo fields to mount_namespaces(7)
...
Move information on shared subtree fields in /proc/PID/mountinfo
to mount_namespaces(7).
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-30 06:08:31 +02:00
211f4a1468
proc.5: ffix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-30 06:08:31 +02:00
803c129a65
proc.5: srcfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-30 06:08:31 +02:00
ef5b47f63c
proc.5: Add references to mount_namespaces(7)
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-30 06:08:31 +02:00
a67271b0c9
umount.2: SEE ALSO: add mount_namespaces(7)
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-30 06:08:31 +02:00
3077ac0f12
mount.2: SEE ALSO: s/namespaces(7)/mount_namespaces(7)/
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-30 06:08:31 +02:00
da031af127
namespaces.7: Refer to new mount_namespaces(7) for information on mount namespaces
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-30 06:08:31 +02:00
d9cdf357c9
mount_namespaces.7: Minor tweaks
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-30 06:08:31 +02:00
98c28960c3
mount_namespaces.7: New page describing mount namespaces
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-30 06:08:31 +02:00
20eed1b32f
proc.5: /proc/PID/mountinfo 'propagate_from' always appears with 'master' tag
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-30 06:08:31 +02:00
124b24148b
proc.5: Rework /proc/PID/mountinfo text on dominant peer groups
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-30 06:08:31 +02:00
e7fa660159
proc.5: ffix + wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-30 06:08:31 +02:00
fa7ae0ea13
user_namespaces.7: Correct kernel version where XFS added support for user namespaces
...
Linux 3.12, not 3.11.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-30 06:08:18 +02:00
028b5760e8
ptrace.2: Minor fixes after review by Kees Cook
...
Reviewed-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-29 07:06:30 +02:00
e48ed83a6a
ptrace.2: tfix
...
Reported-by: Jann Horn <jann@thejh.net>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-29 07:06:30 +02:00
d5765e275d
ptrace.2: Note that user namespaces can be used to bypass Yama protections
...
Cowrittten-by: Jann Horn <jann@thejh.net>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-29 07:06:30 +02:00
801245a110
user_namespaces.7: SEE ALSO: add ptrace(2)
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-29 07:06:30 +02:00
e532361686
ptrace.2: Update Yama ptrace_scope documentation
...
Reframe the discussion in terms of PTRACE_MODE_ATTACH checks,
and make a few other minor tweaks and additions.
Reviewed-by: Jann Horn <jann@thejh.net>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-29 07:06:30 +02:00
94b0464cc2
ptrace.2: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-29 07:06:30 +02:00
b0459842ff
ptrace.2: srcfix: add 2015 copyright notice for mtk
...
(Yama ptrace_scope text added in 2015.)
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-29 07:06:30 +02:00
00172d8d96
ptrace.2: Add an introductory paragraph to the Ptrace access mode checks" section
...
Reported-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-29 07:06:29 +02:00
1c22e40a71
ptrace.2: tfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-29 07:06:29 +02:00
3224581342
ptrace.2: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-29 07:06:29 +02:00
edb7368474
ptrace.2: Relocate text noting that PTRACE_MODE_* constants are kernel-internal
...
(No content changes.)
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-29 07:06:29 +02:00
be26fa864f
ptrace.2: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-29 07:06:29 +02:00
bcd0d82dac
ptrace.2: srcfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-29 07:06:29 +02:00
3cd161fe57
ptrace.2: Describe PTRACE_MODE_NOAUDIT in more detail
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-29 07:06:29 +02:00
78f0786577
ptrace.2: Further fixes after review from Jann Horn
...
Reported-by: Jann Horn <jann@thejh.net>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-29 07:06:29 +02:00
a330bffa78
ptrace.2: Minor improvements to ptrace access mode text
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-29 07:06:29 +02:00
611d3ac40a
ptrace.2: Various fixes after review by Jann Horn
...
Among other things, Jann pointed out that the commoncap LSM
is always invoked, and Kees Cook pointed out the relevant
kernel code:
===
> BTW, can you point me at the piece(s) of kernel code that show that
> "commoncap" is always invoked in addition to any other LSM that has
> been installed?
It's not entirely obvious, but the bottom of security/commoncap.c shows:
struct security_hook_list capability_hooks[] = {
LSM_HOOK_INIT(capable, cap_capable),
...
};
void __init capability_add_hooks(void)
{
security_add_hooks(capability_hooks, ARRAY_SIZE(capability_hooks));
}
And security/security.c shows the initialization order of the LSMs:
int __init security_init(void)
{
pr_info("Security Framework initialized\n");
/*
* Load minor LSMs, with the capability module always first.
*/
capability_add_hooks();
yama_add_hooks();
loadpin_add_hooks();
/*
* Load all the remaining security modules.
*/
do_security_initcalls();
return 0;
}
===
Reported-by: Jann Horn <jann@thejh.net>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-29 07:06:29 +02:00
0647331a06
kcmp.2, ptrace.2: tfix
...
Reported-by: Jann Horn <jann@thejh.net>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-29 07:06:29 +02:00
e4e2367fe6
ptrace.2: Clarify the purpose of mentioning the kernel PTRACE_MODE_* constants
...
The "ptrace access mode" text is about user-space-visible
behavior, but in order to explain that behavior at what I
believe is a sufficient level of detail (e.g., to differentiate
the various types of checks that are performed for various
system calls and pseudofile accesses), one needs (1) to discuss
the MODE flag details as implemented in the kernel, and (2) to
have a shorthand way to refer to the various cases from other
pages. It's not absolutely necessary to name the flags for (1),
but using the flag names is certainly a handy shorthand for (2).
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-29 07:06:29 +02:00
Michael Kerrisk