Re: [PATCH v5 0/4] landlock: truncate support
From: Mickaël Salaün <mic@digikod.net>
Date: 2022-09-02 13:54:34
Also in: linux-fsdevel
On 02/09/2022 14:26, xiujianfeng wrote:
> Hi,
>
> On 2022/9/2 1:10, Mickaël Salaün wrote:
>> Hmm, I think there is an issue with this series. Landlock only enforces restrictions at open time or when dealing with user-supplied file paths (relative or absolute). The use of the path_truncate hook in this series doesn't distinguish between file descriptors from before the current sandbox and those from after being sandboxed. For instance, if a file descriptor is received through a unix socket, it is assumed that this is legitimate and no Landlock restrictions apply on it, which is not the case with this series anymore. It is the same for files opened before the process sandbox itself.
>
> So I think this issue also exists in the chown/chmod series, right? There is a test case in that patchset that verifies the corresponding rights inside the sandbox with an fd opened before sandboxing.
Correct. For LANDLOCK_ACCESS_FS_TRUNCATE, we need to add tests to make sure that:

* a sandboxed process with the truncate restriction can open a file in write mode, forward it to an un-sandboxed process, and make sure this receiver cannot truncate the file descriptor, nor its dup.

* an inherited file descriptor can be truncated even if done by a sandboxed process, except if it was created by a sandboxed process and the truncate restriction applied on it.

However, for the file metadata accesses, I suggest you first focus on the inode_setattr and inode_setxattr hook modifications. We'll get back to these FD-based restrictions later.
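As an added example (not code from the series or from the Landlock kselftests), a C check for the second test listed above: a file opened before sandboxing stays truncatable through its fd, while the path-based truncate is denied once the process is sandboxed with the truncate right handled and no rule. It assumes the truncate right as merged (the LL_ names are local stand-ins for the uapi constants and struct) and reports a skip where Landlock truncate is not usable, such as an older kernel or a seccomp-filtered container.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/prctl.h>
#include <sys/syscall.h>
#include <sys/wait.h>
#include <unistd.h>
/* Local stand-ins (assumed, matching uapi): the unified syscall numbers, the
 * first field of struct landlock_ruleset_attr, LANDLOCK_ACCESS_FS_TRUNCATE's bit. */
#define LL_CREATE_RULESET 444
#define LL_RESTRICT_SELF 446
#define LL_ACCESS_FS_TRUNCATE (1ULL << 14)
struct ll_ruleset_attr { unsigned long long handled_access_fs; };

/* Child side. 0: behaves as described, 1: Landlock truncate unusable here (skipped), -1: unexpected. */
static int child_check(const char *path)
{
    struct ll_ruleset_attr attr = { .handled_access_fs = LL_ACCESS_FS_TRUNCATE };
    int rs = syscall(LL_CREATE_RULESET, &attr, sizeof(attr), 0);
    int fd = open(path, O_WRONLY); /* still unsandboxed: this is the inherited fd */
    if (rs < 0 || prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) ||
        syscall(LL_RESTRICT_SELF, rs, 0)) return 1;
    /* No rule grants truncate, so the path-based call must now fail with EACCES... */
    if (fd < 0 || truncate(path, 0) == 0 || errno != EACCES) return -1;
    /* ...while the fd obtained before sandboxing keeps the rights it was opened with. */
    return ftruncate(fd, 0) == 0 ? 0 : -1;
}

/* Parent side: constructed temp file, child_check() in a fork, same result codes. */
int run_inherited_fd_check(void)
{
    char path[] = "/tmp/ll-trunc-XXXXXX";
    int fd = mkstemp(path), status = 0;
    if (fd < 0 || write(fd, "data", 4) != 4) return -1;
    close(fd);
    pid_t pid = fork();
    if (pid == 0) _exit(child_check(path) + 1); /* exit code = result + 1 */
    if (pid < 0 || waitpid(pid, &status, 0) < 0 || !WIFEXITED(status)) status = -1;
    unlink(path);
    return status < 0 ? -1 : WEXITSTATUS(status) - 1;
}

int main(void)
{
    int r = run_inherited_fd_check(); /* 0 ok, 1 skipped, -1 unexpected */
    printf("inherited fd truncate check: %d\n", r);
    return r < 0;
}
```

The first test listed above (forwarding a write-mode fd over a unix socket to an un-sandboxed receiver) needs the same sandbox setup plus SCM_RIGHTS passing, with the receiver expecting EACCES from ftruncate on both the fd and its dup.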