Issue 784871 link

Starred by 2 users

Issue metadata

Status:	Fixed
Owner:	mortonm@chromium.org
Closed:	Jan 16
Cc:	mnissler@chromium.org
Components:	OS>Systems
EstimatedDays:	----
NextAction:	----
OS:	Chrome
Pri:	3
Type:	Feature
Hotlist-Recharge-Cold Security

Lock down non-regular-file filesystem objects in stateful

Project Member Reported by jorgelo@chromium.org, Nov 14 2017

Issue description

We've seen numerous attacks against verified boot relying on various non-file filesystem objects (symlinks, FIFOs, etc.). The most recent example is  issue 766253 .

Expand the LSM started in issue 712814 to block these objects as well.

Project Member

Comment 1 by sheriffbot@chromium.org, Nov 14

Labels: Hotlist-Recharge-Cold
Status: Untriaged (was: Available)

This issue has been Available for over a year. If it's no longer important or seems unlikely to be fixed, please consider closing it out. If it is important, please re-triage the issue.

Sorry for the inconvenience if the bug really should have been left as Available.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

Comment 2 by mnissler@chromium.org, Jan 16

Owner: mortonm@chromium.org
Status: Fixed (was: Untriaged)

This has been addressed by mortonm@'s work. Assigning and closing :-D

►

Issue 784871 link

Issue metadata

Lock down non-regular-file filesystem objects in stateful

Issue description

Comment 1 by sheriffbot@chromium.org, Nov 14

Comment 1 Deleted

Comment 2 by mnissler@chromium.org, Jan 16

Comment 2 Deleted

Sign in to add a comment