[lxc-devel] [lxc/master] Do not display info if unprivileged (lxc-ls...)

Rachid-Koucha on Github lxc-bot at linuxcontainers.org
Fri May 10 16:47:54 UTC 2019


From 24c22aee8d1e262fa77d7b0e45b6dc221885f4f7 Mon Sep 17 00:00:00 2001
From: Rachid Koucha <47061324+Rachid-Koucha at users.noreply.github.com>
Date: Fri, 10 May 2019 18:47:22 +0200
Subject: [PATCH] Do not display info if unprivileged (lxc-ls...)

While doing an lxc-ls without root privileges on privileged containers, some information is displayed. In lxc_container_new(), ongoing_create()'s result is not checked for all possible returned values. Hence, an unprivileged user can send command messages to the container's monitor. For example:

$ lxc-ls -P /.../tests -f
NAME     STATE AUTOSTART GROUPS IPV4 IPV6 UNPRIVILEGED
ctr -     0         -      -    -    false
$ sudo lxc-ls -P /.../tests -f
NAME     STATE   AUTOSTART GROUPS IPV4      IPV6 UNPRIVILEGED
ctr RUNNING 0         -      10.0.3.51 -    false

In lxccontainer.c/lxc_container_new(), add more checks concerning the returned code of ongoing_create() in order to catch privilege problems.
After this change:

$ lxc-ls -P /.../tests -f      <-------- No more display without root privileges
$ sudo lxc-ls -P /.../tests -f
NAME     STATE   AUTOSTART GROUPS IPV4      IPV6 UNPRIVILEGED
ctr RUNNING 0         -      10.0.3.37 -    false
$
---
 src/lxc/lxccontainer.c | 19 ++++++++++++++++++-
 1 file changed, 18 insertions(+), 1 deletion(-)

diff --git a/src/lxc/lxccontainer.c b/src/lxc/lxccontainer.c
index 98f86a24e4..c653b3e8cd 100644
--- a/src/lxc/lxccontainer.c
+++ b/src/lxc/lxccontainer.c
@@ -5249,6 +5249,7 @@ struct lxc_container *lxc_container_new(const char *name, const char *configpath
 {
 	struct lxc_container *c;
 	size_t len;
+	int rc;
 
 	if (!name)
 		return NULL;
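Review bot: The new `int rc;` is only ever used as the operand of the switch added in the next hunk, and the -1 branch there looks at errno rather than rc. Writing `switch (ongoing_create(c))` directly would avoid the extra local. If the variable stays, consider declaring it next to its single use so that its purpose is obvious.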
@@ -5302,10 +5303,26 @@ struct lxc_container *lxc_container_new(const char *name, const char *configpath
 		goto err;
 	}
 
-	if (ongoing_create(c) == 2) {
+	rc = ongoing_create(c);
+	switch(rc) {
+	// Uncompleted container creation
+	case 2:
 		ERROR("Failed to complete container creation for %s", c->name);
 		container_destroy(c, NULL);
 		lxcapi_clear_config(c);
+		break;
+	// Container creation is on tracks
+	case 1:
+		goto err;
+		break;
+	// Error
+	case -1:
+		// No display if privilege problem
+		if (EACCES != errno && EPERM != errno) {
+			ERROR("Failed checking for incomplete container %s creation", c->name);
+		}
+		goto err;
+		break;
 	}
 
 	c->daemonize = true;
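Review bot: The `case 1:` branch makes lxc_container_new() fail with `goto err;` whenever a creation is still in progress, which is a behaviour change the commit message does not mention; the old code only acted on a return value of 2 and otherwise continued to `c->daemonize = true;`. Please either justify that in the commit message or limit the change to the -1 path that the privilege problem actually needs. In `case -1:` the test `EACCES != errno && EPERM != errno` relies on errno still holding the value from the failing call inside ongoing_create() when it returns; it is worth confirming that nothing on its error path overwrites errno, or having ongoing_create() report the cause explicitly. That branch also now rejects every -1 result, not only permission errors, and stays completely silent for EACCES/EPERM, so a lower-severity log line would help when diagnosing why a container is missing from the listing. Smaller points: the `break;` after each `goto err;` is unreachable, `switch(rc)` is missing the space used by the surrounding `if (` lines, the single-statement `if` has braces where the context lines (`if (!name)`) do not, and there is no `default:` for return values other than 2, 1 and -1.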

