interfaces/seccomp: explicitly disallow the use of ioctl + TIOCLINUX
Fixes CVE-2023-1523

Signed-off-by: Alex Murray <alex.murray@canonical.com>
alexmurray authored and mvo5 committed May 27, 2023
1 parent e4681c5 commit dddcfd6
Showing 1 changed file with 6 additions and 0 deletions.
6 changes: 6 additions & 0 deletions interfaces/seccomp/template.go
@@ -200,7 +200,13 @@ inotify_rm_watch
# input (man tty_ioctl), so we disallow it to prevent snaps plugging interfaces
# with 'capability sys_admin' from interfering with other snaps or the
# unconfined user's terminal.
# similarly, TIOCLINUX allows to fake input as well (man ioctl_console) so
# disallow that too
# TODO: this should be scaled back even more
~ioctl - TIOCSTI
~ioctl - TIOCLINUX
# restrict argument otherwise will match all uses of ioctl() and allow the rules
# that were disallowed above - TODO: why does this still restrict TIOCLINUX?
ioctl - !TIOCSTI
io_cancel
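Review bot: the hunk commits an unresolved question about its own effectiveness in the comment `# that were disallowed above - TODO: why does this still restrict TIOCLINUX?`. The trailing allow rule `ioctl - !TIOCSTI` matches ioctl with any argument other than TIOCSTI, which on its face includes TIOCLINUX, so the new `~ioctl - TIOCLINUX` deny only takes effect if the template compiler gives `~` deny rules precedence over a later allow rule. Since this is the fix for CVE-2023-1523, that precedence should be confirmed rather than left as a TODO: add a test that compiles the template and asserts an ioctl carrying TIOCLINUX is rejected, then either reword the comment to state why the deny wins or extend the allow rule so it excludes TIOCLINUX explicitly alongside TIOCSTI. Minor: `TIOCLINUX allows to fake input as well` reads more naturally as `TIOCLINUX allows faking input as well`.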
