On Tue, Jul 7, 2026 at 7:47 AM Neal Gompa <[email protected]> wrote:
>
> I don't entirely agree with this assessment. Fixing the handler so
> that it doesn't execute it if it's not marked executable would largely
> mitigate this problem too.

This does not work. Someone did *exactly* this and I was able to
leverage it to escape sandboxes (vuln report is under embargo at the
moment). When you use a binfmt-misc handler, then when the sandboxed
executable tries to run the program, the kernel runs it *in* the
sandbox. When you use a MIME handler that gates access on the
executable bit, where the handler executes outside of the sandbox,
then when the sandboxed executable calls the MIME handler on a
marked-executable file, the file runs outside of (and thus escapes)
the sandbox.

--
Aaron
-- 
_______________________________________________
devel mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/[email protected]
Do not reply to spam, report it: 
https://forge.fedoraproject.org/infra/tickets/issues/new

Reply via email to