A question about the CVE-2021-30465 blog #3

Open
lizhi16 opened this issue Nov 7, 2022 · 1 comment
lizhi16 commented Nov 7, 2022

Greetings,

Thanks for your blog; it is very useful in helping us understand this vulnerability. But I have a question about the comments you made in the blog.

In your comments, does the comment (Even with newer syscalls like openat2() you still need to mount(/proc/self/fd/X, /proc/self/fd/Y) to be race free, not sure how useful having a new mount flag to fail when one of the params is a symlink would be, but this is a huge footgun.) mean that some mount flags will be invalid if using '/proc/self/fd/X' as the parameter in the mount command?

Thanks!

Owner

champtar commented Jan 5, 2023

Hello @lizhi16

What I meant is that none of the mount() flags help with this issue; you must always use /proc/self/fd/X.
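
The pattern discussed in this thread, as an added C example that is not code from the blog or from either participant: open the path once as an `O_PATH` handle, check through `/proc/self/fd/N` what was actually opened, then pass only those `/proc/self/fd/N` strings to `mount()`. The function names `open_pinned` and `bind_mount_pinned` and the "must resolve inside `root`" policy are assumptions made for the illustration.

```c
#define _GNU_SOURCE
#include <fcntl.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/mount.h>
#include <unistd.h>

/* Hypothetical helper: open `path` as an O_PATH handle, then ask the kernel
 * (via the /proc/self/fd/N magic link) which object was really opened and
 * require it to be inside `root`. On success returns the fd and writes
 * "/proc/self/fd/N" to `procfd`; returns -1 if it resolved outside `root`. */
int open_pinned(const char *root, const char *path, char *procfd, size_t n)
{
    char canon[PATH_MAX], real[PATH_MAX];
    if (realpath(root, canon) == NULL)
        return -1;
    int fd = open(path, O_PATH | O_CLOEXEC);
    if (fd < 0)
        return -1;
    snprintf(procfd, n, "/proc/self/fd/%d", fd);
    ssize_t len = readlink(procfd, real, sizeof(real) - 1);
    if (len < 0) { close(fd); return -1; }
    real[len] = '\0';
    /* Prefix match on a component boundary: /rootfs must not match /rootfs2.
     * A root of "/" is treated as an empty prefix so everything matches. */
    size_t rl = strcmp(canon, "/") ? strlen(canon) : 0;
    if (strncmp(real, canon, rl) != 0 || (real[rl] != '/' && real[rl] != '\0')) {
        close(fd);
        return -1;
    }
    return fd;
}

/* Hypothetical helper: bind mount through the pinned handles only. A symlink
 * swapped into the original path after open_pinned() returned cannot
 * redirect the mount, because the kernel follows the fd, not the old name. */
int bind_mount_pinned(const char *src_procfd, const char *dst_procfd)
{
    return mount(src_procfd, dst_procfd, NULL, MS_BIND, NULL);
}
```

`bind_mount_pinned` needs `CAP_SYS_ADMIN` in the mount namespace; both fds must stay open until `mount()` has returned.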
