oss-sec mailing list archives

Re: Linux: Disabling network namespaces


From: Demi Marie Obenour <demi () invisiblethingslab com>
Date: Tue, 16 Apr 2024 19:13:50 -0400

On Tue, Apr 16, 2024 at 11:31:43PM +0200, Philippe Cerfon wrote:
> Hey.
>
> There's even an allegedly "wontfix" bug of mine where I requested that
> Debian switches back to a secure default and disables user namespaces which
> have a long history of being exploitable:
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1012547
>
> Don't think the current hole one will have been the last one.
>
> Unfortunately it seems a feature that only a group of people will need is
> valued more important than keeping users secure. :-(

The problem with disabling unprivileged userns is that in the desktop
Linux case it actually causes serious problems, because creating a
sandbox is now a privileged operation.  IMO Landlock + seccomp is a much
better solution for sandboxing, but I don't think it can do everything
browsers need yet.

For containers, I'm not aware of a good solution right now.
-- 
Sincerely,
Demi Marie Obenour (she/her/hers)
Invisible Things Lab
