Prevent privilege escalation #10232

Merged
merged 1 commit into from
May 26, 2020

Conversation

jackcmay
Contributor

Problem

Cross-program invocations refer to the original transaction to enforce the is_signer and is_writable attributes of invoked instructions. Doing so respects the original transaction's privileges but allows a privilege escalation between programs. Even though the original transaction authorizes the behavior, it is a large foot gun because it relies on a careful review of the programs being invoked.

Summary of Changes

Enforce invoked instructions' privileges against the calling instruction's privileges rather than the original transaction's.

Fixes #

@jackcmay jackcmay added the v1.2 label May 25, 2020
@jackcmay jackcmay force-pushed the priv-inheritence branch from f310e5f to 39a23a8 Compare May 25, 2020 19:26
programs/bpf/rust/invoke/src/lib.rs Outdated
programs/bpf_loader/src/syscalls.rs Outdated
@jackcmay jackcmay force-pushed the priv-inheritence branch from 5c17768 to 6072a02 Compare May 26, 2020 05:30
@jackcmay jackcmay added the automerge Merge this Pull Request automatically once CI passes label May 26, 2020
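
The check described in the pull request summary, as an added example that is not code from this pull request or the project: a simplified Rust model that runs one privilege check against two granting contexts, the original transaction and the calling instruction. The names `Meta`, `Granted`, `PrivilegeError`, `verify`, `scenario` and the `"wallet"` account are hypothetical, and treating an account absent from the granting context as unprivileged is an assumption of the model.

```rust
use std::collections::HashMap;

/// Privilege flags attached to one account reference (simplified, hypothetical model).
#[derive(Clone, Copy, Debug, PartialEq)]
pub struct Meta { pub is_signer: bool, pub is_writable: bool }

#[derive(Debug, PartialEq)]
pub enum PrivilegeError { SignerEscalation(&'static str), WritableEscalation(&'static str) }

/// Account key -> privileges held by the granting context
/// (either the original transaction or the calling instruction).
pub type Granted = HashMap<&'static str, Meta>;

/// Check every account the invoked instruction names against `granted`.
/// An account missing from `granted` is treated as holding no privileges
/// (an assumption of this model).
pub fn verify(granted: &Granted, invoked: &[(&'static str, Meta)]) -> Result<(), PrivilegeError> {
    const NONE: Meta = Meta { is_signer: false, is_writable: false };
    for (key, want) in invoked {
        let have = granted.get(key).copied().unwrap_or(NONE);
        if want.is_signer && !have.is_signer {
            return Err(PrivilegeError::SignerEscalation(*key));
        }
        if want.is_writable && !have.is_writable {
            return Err(PrivilegeError::WritableEscalation(*key));
        }
    }
    Ok(())
}

/// Constructed scenario. Returns (result when checked against the transaction,
/// result when checked against the calling instruction).
pub fn scenario() -> (Result<(), PrivilegeError>, Result<(), PrivilegeError>) {
    let full = Meta { is_signer: true, is_writable: true };
    let read_only = Meta { is_signer: false, is_writable: false };
    // The transaction signs for "wallet" and marks it writable.
    let transaction: Granted = HashMap::from([("wallet", full)]);
    // The calling instruction was handed "wallet" read-only and unsigned.
    let caller: Granted = HashMap::from([("wallet", read_only)]);
    // It invokes another program, claiming signer + writable on "wallet".
    let invoked = [("wallet", full)];
    (verify(&transaction, &invoked), verify(&caller, &invoked))
}

fn main() {
    let (old, new) = scenario();
    println!("checked against transaction: {:?}", old);
    println!("checked against caller:      {:?}", new);
}
```

The same invoked instruction passes when measured against the transaction and is rejected when measured against the caller, which is the gap between the two enforcement points.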
@codecov

codecov bot commented May 26, 2020

Codecov Report

Merging #10232 into master will decrease coverage by 0.0%.
The diff coverage is 19.1%.

@@            Coverage Diff            @@
##           master   #10232     +/-   ##
=========================================
- Coverage    81.4%    81.4%   -0.1%     
=========================================
  Files         282      282             
  Lines       65979    65934     -45     
=========================================
- Hits        53764    53701     -63     
- Misses      12215    12233     +18     

@solana-grimes solana-grimes merged commit 03abd3d into solana-labs:master May 26, 2020
mergify bot pushed a commit that referenced this pull request May 26, 2020
automerge

(cherry picked from commit 03abd3d)
solana-grimes pushed a commit that referenced this pull request May 26, 2020
@jackcmay jackcmay deleted the priv-inheritence branch May 26, 2020 15:39