Re: [dm-devel] [PATCH v4 03/21] fs: Allow sysfs and cgroupfs to share super blocks between user namespaces

2016-05-18 Thread Eric W. Biederman
Seth Forshee <seth.fors...@canonical.com> writes: > On Wed, May 18, 2016 at 10:45:31AM -0500, Eric W. Biederman wrote: >> > But if we do that it violates some of the assumptions of the patch to >> > rework MNT_NODEV on your testing branch (and also those behind

Re: [dm-devel] [PATCH RESEND v2 11/18] fs: Ensure the mounter of a filesystem is privileged towards its inodes

2016-03-30 Thread Eric W. Biederman
Seth Forshee <seth.fors...@canonical.com> writes: > On Tue, Mar 29, 2016 at 08:36:09PM -0500, Eric W. Biederman wrote: >> Seth Forshee <seth.fors...@canonical.com> writes: >> >> > On Fri, Mar 04, 2016 at 04:43:06PM -0600, Eric W. Biederman wrote: >>

Re: [dm-devel] [PATCH RESEND v2 11/18] fs: Ensure the mounter of a filesystem is privileged towards its inodes

2016-03-29 Thread Eric W. Biederman
Seth Forshee <seth.fors...@canonical.com> writes: > On Fri, Mar 04, 2016 at 04:43:06PM -0600, Eric W. Biederman wrote: >> In general this is only an issue if uids and gids on the filesystem >> do not map into the user namespace. >> >> Therefore the general fix

Re: [dm-devel] [PATCH RESEND v2 11/18] fs: Ensure the mounter of a filesystem is privileged towards its inodes

2016-03-06 Thread Eric W. Biederman
Seth Forshee <seth.fors...@canonical.com> writes: > On Fri, Mar 04, 2016 at 04:43:06PM -0600, Eric W. Biederman wrote: >> Seth Forshee <seth.fors...@canonical.com> writes: >> >> > On Mon, Jan 04, 2016 at 12:03:50PM -0600, Seth Forshee wrote: >> >>

Re: [dm-devel] [PATCH RESEND v2 11/18] fs: Ensure the mounter of a filesystem is privileged towards its inodes

2016-03-04 Thread Eric W. Biederman
Seth Forshee writes: > On Mon, Jan 04, 2016 at 12:03:50PM -0600, Seth Forshee wrote: >> The mounter of a filesystem should be privileged towards the >> inodes of that filesystem. Extend the checks in >> inode_owner_or_capable() and capable_wrt_inode_uidgid() to >>