CopyFail: From Pod to Host

50 points by tptacek 1 day ago | 10 comments

exceptione 13 hours ago |

FYI: I had tried this exploit with rootless podman containers to write to read-only mounts, but the exploit failed. I am not sure if the default container runtime in Podman is resistant against these attacks or if it assumes Docker running containers with higher privileges, but at least it was a pleasant observation. (kernel 6.18)

tptacek 8 hours ago | |

Are you not using OverlayFS? The exploit vector here relies on OverlayFS. What you want to reason about generally is (a) whether you have AF_ALG sockets exposed and (b) whether attackers have access to files (via inode) whose cached contents will affect other processes.

AlfieJones 13 hours ago |

It feels like AI is speeding up bug discovery faster than security can keep up. Curious if this is temporary or just the new normal.

bbmp 12 hours ago | |

It only getting worse now that AI is also writing bug faster than humans

louwrentius 13 hours ago |

Maybe I’m missing something but because of this kind of risk, an old fashioned virtual machine feels like a more robust security boundary.

1970-01-01 8 hours ago | |

Robust goes both ways. It's a layer. That means is both a boundary and an attack surface. More is..more.

itintheory 11 hours ago | |

While containers have some useful properties, it was never intended to be, and never really functioned as a strict security boundary. We've duct-taped around that, and it's reasonably good now, but that only goes so far.

hun3 11 hours ago | |

No, "virtual machine" alone doesn't make things safer.

Shrink your attack surface.

Use a completely locked down seccomp. Use nsjail or gVisor for containers. Use microvm or libkrun for full OS.

Lesser attack surface is what matters. Virtualization is only half of the story.