On Wednesday, July 10, 2013 07:59:08 Eric W. Biederman wrote:
> Stephen Mell writes:
>
> > Currently, the proc mount options hidepid and pidgid are stored on the
> > pid_namespace struct that serves as proc's superblock info. As a
> > result, mounting proc fro
a new struct, proc_sb_info, which contains the mount options
and a reference to the pid namespace. This should enable a future patch to
make the pid namespace a mount option.
Signed-off-by: Stephen Mell
---
fs/proc/base.c| 41 ++
fs/proc/in
From: Stephen Mell
Currently, it is nearly impossible to give a capability to a non-root user that
will stick around after the first execve. This patch adds a new securebit,
exec_inherit, which causes all credential modification logic to be skipped.
This is already possible, in a hackish
From: Stephen Mell
Currently, there is no userspace method to mount proc for a pid namespace other
than the current one. In light of the new namespace filedescriptors, this patch
adds a mount option to use the namespace represented by the specified
filedescriptor instead of the current pid
From: Stephen Mell
hide_pid and pid_gid are proc mount options whose values are stored in the
pid_namespace struct. As a result, if one mounts proc again for the same PID
namespace with different mount options, all mounts for that PID namespace will
be affected. This seems undesirable. This
On Friday, May 24, 2013 17:14:13 Gu Zheng wrote:
> One fuzzy way in my mind, I'm not sure whether it's OK, but we can discuss it.
> Split hide_pid, pid_gid, and proc_self from pid_namespace, and create struct
> proc_sb_info(maybe the name "proc_mount_info" is better).
> And create a new list dom
Gu,
On Friday, May 24, 2013 11:03:31 Gu Zheng wrote:
> Hi Stephen,
>
> On 05/24/2013 07:32 AM, Stephen Mell wrote:
>
> > On Thursday, May 23, 2013 18:20:57 Gu Zheng wrote:
> >
> >> Here it'll create a new proc sb instance which holds the same context a
On Thursday, May 23, 2013 18:20:57 Gu Zheng wrote:
> Here it'll create a new proc sb instance which holds the same context as the
> old ones
> each time we mount proc though in the same PID namespace, won't it?
I believe so. But this is the point, right? They won't be identical if
different moun
From: Stephen Mell
hide_pid and pid_gid are proc mount options whose values are stored in the
pid_namespace struct. As a result, if one mounts proc again for the same PID
namespace with different mount options, all mounts for that PID namespace will
be affected. This seems undesirable. This