From: Wolfgang Bumiller
To: Filip Schauer
Cc: pve-devel@lists.proxmox.com
Date: Thu, 10 Jul 2025 11:30:10 +0200
Subject: Re: [pve-devel] [PATCH lxcfs v3 10/13] lxc.mount.hook: override env variables from container config
In-Reply-To: <20250709123435.64796-11-f.schauer@proxmox.com>
References: <20250709123435.64796-1-f.schauer@proxmox.com> <20250709123435.64796-11-f.schauer@proxmox.com>
List-Id: Proxmox VE development discussion

NAK

This needs to be handled differently.

Before this series `lxc.environment` could not be set at all except by
manually modifying the config as *root*.

If we want to support the `Env` key in OCI images, we need to either
replace the `init` command with a wrapper setting that environment before
running the final command, or lxc itself needs to learn a new
configuration for this (e.g. an `lxc.environment.runtime`).
On Wed, Jul 09, 2025 at 02:34:27PM +0200, Filip Schauer wrote:
> This can still break `/bin/sh` if an OCI image injects a different
> `libc.so.6` with $LD_LIBRARY_PATH.
>
> Signed-off-by: Filip Schauer
> ---
> Arbitrary code execution is theoretically still possible with a
> specially crafted OCI image that provides a shared library and points
> $LD_LIBRARY_PATH to its parent directory. Although the code is confined
> to the container's namespace, it can still see the host file system.
> While this may not pose a significant security risk, it is nonetheless
> suboptimal. I am unsure about the best way to fully mitigate this.
>
> Introduced in v3
>
>  .../patches/reset-path-to-host-defaults.patch | 38 +++++++++++++++++++
>  debian/patches/series | 1 +
>  2 files changed, 39 insertions(+)
>  create mode 100644 debian/patches/reset-path-to-host-defaults.patch
>
> diff --git a/debian/patches/reset-path-to-host-defaults.patch b/debian/patches/reset-path-to-host-defaults.patch
> new file mode 100644
> index 0000000..12f150d
> --- /dev/null
> +++ b/debian/patches/reset-path-to-host-defaults.patch
> @@ -0,0 +1,38 @@ > +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 > +From: Filip Schauer > +Date: Mon, 23 Jun 2025 13:05:35 +0200 > +Subject: [PATCH] lxc.mount.hook: override env variables from container > + config > + > +Without this, if the container config specifies a custom PATH variable > +via lxc.environment that omits /usr/bin or /bin, binaries like > +`readlink` and `mount` may not be found, causing container startup to > +fail. > + > +Fixes startup breakage with images like `ghcr.io/nixos/nix:latest`. > + > +This also mitigates arbitrary code execution during container startup > +before pivot_root (albeit confined in its own namespace) with a > +specially crafted OCI image providing a custom `readlink` or `mount` > +binary and pointing the PATH variable to it. > + > +Signed-off-by: Filip Schauer > +--- > + share/lxc.mount.hook.in | 4 ++++ > + 1 file changed, 4 insertions(+) > + > +diff --git a/share/lxc.mount.hook.in b/share/lxc.mount.hook.in > +index 6fd13b0..a25a5ef 100755 > +--- a/share/lxc.mount.hook.in > ++++ b/share/lxc.mount.hook.in > +@@ -11,6 +11,10 @@ do > + shift > + done > + > ++# Set the PATH variable in case it was modified by lxc.environment > ++PATH=/usr/bin:/bin > ++LD_LIBRARY_PATH= > ++ > + # We're dealing with mount entries, so expand any symlink > + LXC_ROOTFS_MOUNT=$(readlink -f "${LXC_ROOTFS_MOUNT}") > + > diff --git a/debian/patches/series b/debian/patches/series > index bf650b4..f3391c0 100644 > --- a/debian/patches/series > +++ b/debian/patches/series > @@ -1 +1,2 @@ > do-not-start-without-lxcfs.patch > +reset-path-to-host-defaults.patch > -- > 2.47.2 _______________________________________________ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
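Review bot: the reset on the `+PATH=/usr/bin:/bin` / `+LD_LIBRARY_PATH=` lines runs only after `/bin/sh` has already been loaded under the container-supplied environment, so it cannot address the `libc.so.6` injection via `$LD_LIBRARY_PATH` that the commit body itself acknowledges; it also scrubs only two variables and leaves `LD_PRELOAD` (and the other `LD_*` loader variables) untouched. If the hook is to do any scrubbing at all, unset the loader variables rather than assigning an empty value, and say in the comment that this is defence in depth only, since a hook cannot sanitise the environment it was started in; the actual fix is to keep `lxc.environment` out of the hook process, as the NAK above proposes. Also, `# Set the PATH variable` overstates the scope slightly given that the next line resets `LD_LIBRARY_PATH` too.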
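The PATH-hijack the quoted patch reacts to, as an added example that is not part of this thread or of the lxc/lxcfs code: a `readlink` look-alike placed in a directory an attacker controls, a lookup that trusts the inherited `PATH` (the pre-patch hook line), and a lookup that pins the host binary and drops the loader variables. The helper names (`resolve_rootfs_naive`, `resolve_rootfs_hardened`, `make_evil_bindir`, `run_*_under_attack`) and the attacker path string are constructed for this demonstration; the location of `readlink` under `/usr/bin` or `/bin` is assumed.

```shell
#!/bin/sh
# Added example, not lxc/lxcfs code. Demonstrates how a container-config
# PATH can redirect a hook's tool lookup and what pinning the binary buys.

# Naive lookup: the shape of the pre-patch hook line
#   LXC_ROOTFS_MOUNT=$(readlink -f "${LXC_ROOTFS_MOUNT}")
# It resolves `readlink` through whatever PATH the hook inherited.
resolve_rootfs_naive() {
    readlink -f "$1"
}

# Hardened lookup: absolute path to the host binary, loader variables
# removed (not merely emptied) so children cannot be redirected either.
# Caveat: this protects only processes started after this point; the
# shell running this script was itself loaded with the inherited
# LD_LIBRARY_PATH, which is why the config environment should not reach
# the hook in the first place.
resolve_rootfs_hardened() {
    unset LD_LIBRARY_PATH LD_PRELOAD LD_AUDIT
    readlink_bin=/usr/bin/readlink            # assumed location
    [ -x "$readlink_bin" ] || readlink_bin=/bin/readlink
    "$readlink_bin" -f "$1"
}

# Constructed attacker directory: a `readlink` stand-in answering with a
# path of the attacker's choosing, as a binary from a hostile image would.
make_evil_bindir() {
    dir=$(mktemp -d)
    cat > "$dir/readlink" <<'EOF'
#!/bin/sh
echo "/attacker/controlled/rootfs"
EOF
    chmod +x "$dir/readlink"
    printf '%s\n' "$dir"
}

# Each run_* function stages the environment a hook would see if
# lxc.environment had set PATH and LD_LIBRARY_PATH, calls one resolver on
# "/" inside a subshell, cleans up, and prints the resolved path.
run_naive_under_attack() {
    evil=$(make_evil_bindir)
    result=$( PATH="$evil:/usr/bin:/bin"; LD_LIBRARY_PATH="$evil"
              export PATH LD_LIBRARY_PATH
              resolve_rootfs_naive / )
    rm -rf "$evil"
    printf '%s\n' "$result"
}

run_hardened_under_attack() {
    evil=$(make_evil_bindir)
    result=$( PATH="$evil:/usr/bin:/bin"; LD_LIBRARY_PATH="$evil"
              export PATH LD_LIBRARY_PATH
              resolve_rootfs_hardened / )
    rm -rf "$evil"
    printf '%s\n' "$result"
}

# Prints "unset" if the hardened resolver removed LD_LIBRARY_PATH from the
# environment its children would inherit, "set" otherwise.
loader_env_after_hardened() {
    ( LD_LIBRARY_PATH=/tmp/constructed-evil; export LD_LIBRARY_PATH
      resolve_rootfs_hardened / >/dev/null
      if [ -z "${LD_LIBRARY_PATH+x}" ]; then echo unset; else echo set; fi )
}

echo "naive lookup under attacker PATH:    $(run_naive_under_attack)"
echo "hardened lookup under attacker PATH: $(run_hardened_under_attack)"
```

Run it as `sh hook_env_demo.sh` (any file name): the naive resolver returns the attacker's string, the hardened one returns `/`. The unset check is there because assigning `LD_LIBRARY_PATH=` to an already-exported variable leaves an exported empty value, which is harmless for the loader but makes it harder to tell, from a child, whether scrubbing actually happened.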