Re: [PATCH 1/1] simplified security.nscapability xattr

On Mon, May 16, 2016 at 04:15:23PM -0500, Serge E. Hallyn wrote: > Quoting Serge E. Hallyn (se...@hallyn.com): > ... > > There's a problem though. The above suffices to prevent an unprivileged > > user > > in a user_ns from unsharing a user_ns to write a file capability and exploit > > that

Re: [PATCH 1/1] simplified security.nscapability xattr

On Mon, May 16, 2016 at 04:15:23PM -0500, Serge E. Hallyn wrote: > Quoting Serge E. Hallyn (se...@hallyn.com): > ... > > There's a problem though. The above suffices to prevent an unprivileged > > user > > in a user_ns from unsharing a user_ns to write a file capability and exploit > > that

Re: [PATCH 1/1] simplified security.nscapability xattr

Quoting Serge E. Hallyn (se...@hallyn.com): ... > There's a problem though. The above suffices to prevent an unprivileged user > in a user_ns from unsharing a user_ns to write a file capability and exploit > that capability in the ns where he is unprivileged. With one exception, which > is the

Re: [PATCH 1/1] simplified security.nscapability xattr

Quoting Serge E. Hallyn (se...@hallyn.com): ... > There's a problem though. The above suffices to prevent an unprivileged user > in a user_ns from unsharing a user_ns to write a file capability and exploit > that capability in the ns where he is unprivileged. With one exception, which > is the

Re: [PATCH 1/1] simplified security.nscapability xattr

Quoting Jann Horn (j...@thejh.net): > On Tue, May 03, 2016 at 12:54:40AM -0500, Eric W. Biederman wrote: > > "Serge E. Hallyn" writes: > > > > > Quoting Andrew G. Morgan (mor...@kernel.org): > > >> > > >> I guess I'm confused how we have strayed so far that this isn't an > >

Re: [PATCH 1/1] simplified security.nscapability xattr

Quoting Jann Horn (j...@thejh.net): > On Tue, May 03, 2016 at 12:54:40AM -0500, Eric W. Biederman wrote: > > "Serge E. Hallyn" writes: > > > > > Quoting Andrew G. Morgan (mor...@kernel.org): > > >> > > >> I guess I'm confused how we have strayed so far that this isn't an > > >> obvious > > >>

Re: [PATCH 1/1] simplified security.nscapability xattr

Quoting Serge E. Hallyn (se...@hallyn.com): > Quoting Eric W. Biederman (ebied...@xmission.com): > > "Serge E. Hallyn" writes: > > > > > Quoting Andrew G. Morgan (mor...@kernel.org): > > >> > > >> I guess I'm confused how we have strayed so far that this isn't an > > >>

Re: [PATCH 1/1] simplified security.nscapability xattr

Quoting Serge E. Hallyn (se...@hallyn.com): > Quoting Eric W. Biederman (ebied...@xmission.com): > > "Serge E. Hallyn" writes: > > > > > Quoting Andrew G. Morgan (mor...@kernel.org): > > >> > > >> I guess I'm confused how we have strayed so far that this isn't an > > >> obvious > > >>

Re: [PATCH 1/1] simplified security.nscapability xattr

Quoting Eric W. Biederman (ebied...@xmission.com): > "Andrew G. Morgan" writes: > > > On 2 May 2016 6:04 p.m., "Eric W. Biederman" > > wrote: > >> > >> "Serge E. Hallyn" writes: > >> > >> > On Tue, Apr 26, 2016 at 03:39:54PM -0700,

Re: [PATCH 1/1] simplified security.nscapability xattr

Quoting Eric W. Biederman (ebied...@xmission.com): > "Andrew G. Morgan" writes: > > > On 2 May 2016 6:04 p.m., "Eric W. Biederman" > > wrote: > >> > >> "Serge E. Hallyn" writes: > >> > >> > On Tue, Apr 26, 2016 at 03:39:54PM -0700, Kees Cook wrote: > >> >> On Tue, Apr 26, 2016 at 3:26 PM,

Re: [PATCH 1/1] simplified security.nscapability xattr

On Tue, May 03, 2016 at 12:54:40AM -0500, Eric W. Biederman wrote: > "Serge E. Hallyn" writes: > > > Quoting Andrew G. Morgan (mor...@kernel.org): > >> > >> I guess I'm confused how we have strayed so far that this isn't an obvious > >> requirement. Uid=0 as being the root of

Re: [PATCH 1/1] simplified security.nscapability xattr

On Tue, May 03, 2016 at 12:54:40AM -0500, Eric W. Biederman wrote: > "Serge E. Hallyn" writes: > > > Quoting Andrew G. Morgan (mor...@kernel.org): > >> > >> I guess I'm confused how we have strayed so far that this isn't an obvious > >> requirement. Uid=0 as being the root of privilege was the

Re: [PATCH 1/1] simplified security.nscapability xattr

Quoting Eric W. Biederman (ebied...@xmission.com): > "Serge E. Hallyn" writes: > > > Quoting Andrew G. Morgan (mor...@kernel.org): > >> > >> I guess I'm confused how we have strayed so far that this isn't an obvious > >> requirement. Uid=0 as being the root of privilege was

Re: [PATCH 1/1] simplified security.nscapability xattr

Quoting Eric W. Biederman (ebied...@xmission.com): > "Serge E. Hallyn" writes: > > > Quoting Andrew G. Morgan (mor...@kernel.org): > >> > >> I guess I'm confused how we have strayed so far that this isn't an obvious > >> requirement. Uid=0 as being the root of privilege was the basic problem >

Re: [PATCH 1/1] simplified security.nscapability xattr

"Serge E. Hallyn" writes: > Quoting Andrew G. Morgan (mor...@kernel.org): >> >> I guess I'm confused how we have strayed so far that this isn't an obvious >> requirement. Uid=0 as being the root of privilege was the basic problem >> that capabilities were designed to change. >

Re: [PATCH 1/1] simplified security.nscapability xattr

"Serge E. Hallyn" writes: > Quoting Andrew G. Morgan (mor...@kernel.org): >> >> I guess I'm confused how we have strayed so far that this isn't an obvious >> requirement. Uid=0 as being the root of privilege was the basic problem >> that capabilities were designed to change. > > The task

Re: [PATCH 1/1] simplified security.nscapability xattr

Quoting Andrew G. Morgan (mor...@kernel.org): > On 2 May 2016 6:04 p.m., "Eric W. Biederman" wrote: > > > > "Serge E. Hallyn" writes: > > > > > On Tue, Apr 26, 2016 at 03:39:54PM -0700, Kees Cook wrote: > > >> On Tue, Apr 26, 2016 at 3:26 PM, Serge E.

Re: [PATCH 1/1] simplified security.nscapability xattr

Quoting Andrew G. Morgan (mor...@kernel.org): > On 2 May 2016 6:04 p.m., "Eric W. Biederman" wrote: > > > > "Serge E. Hallyn" writes: > > > > > On Tue, Apr 26, 2016 at 03:39:54PM -0700, Kees Cook wrote: > > >> On Tue, Apr 26, 2016 at 3:26 PM, Serge E. Hallyn > wrote: > > >> > Quoting Kees Cook

Re: [PATCH 1/1] simplified security.nscapability xattr

"Andrew G. Morgan" writes: > On 2 May 2016 6:04 p.m., "Eric W. Biederman" > wrote: >> >> "Serge E. Hallyn" writes: >> >> > On Tue, Apr 26, 2016 at 03:39:54PM -0700, Kees Cook wrote: >> >> On Tue, Apr 26, 2016 at 3:26 PM, Serge E.

Re: [PATCH 1/1] simplified security.nscapability xattr

"Andrew G. Morgan" writes: > On 2 May 2016 6:04 p.m., "Eric W. Biederman" > wrote: >> >> "Serge E. Hallyn" writes: >> >> > On Tue, Apr 26, 2016 at 03:39:54PM -0700, Kees Cook wrote: >> >> On Tue, Apr 26, 2016 at 3:26 PM, Serge E. Hallyn > wrote: >> >> > Quoting Kees Cook

Re: [PATCH 1/1] simplified security.nscapability xattr

"Serge E. Hallyn" writes: > On Tue, Apr 26, 2016 at 03:39:54PM -0700, Kees Cook wrote: >> On Tue, Apr 26, 2016 at 3:26 PM, Serge E. Hallyn wrote: >> > Quoting Kees Cook (keesc...@chromium.org): >> >> On Fri, Apr 22, 2016 at 10:26 AM,

Re: [PATCH 1/1] simplified security.nscapability xattr

"Serge E. Hallyn" writes: > On Tue, Apr 26, 2016 at 03:39:54PM -0700, Kees Cook wrote: >> On Tue, Apr 26, 2016 at 3:26 PM, Serge E. Hallyn wrote: >> > Quoting Kees Cook (keesc...@chromium.org): >> >> On Fri, Apr 22, 2016 at 10:26 AM, wrote: >> >> > From: Serge Hallyn > ... >> >> This looks

Re: [PATCH 1/1] simplified security.nscapability xattr

On 05/02/2016 05:54 AM, Serge E. Hallyn wrote: > On Tue, Apr 26, 2016 at 03:39:54PM -0700, Kees Cook wrote: >> On Tue, Apr 26, 2016 at 3:26 PM, Serge E. Hallyn wrote: >>> Quoting Kees Cook (keesc...@chromium.org): On Fri, Apr 22, 2016 at 10:26 AM,

Re: [PATCH 1/1] simplified security.nscapability xattr

On 05/02/2016 05:54 AM, Serge E. Hallyn wrote: > On Tue, Apr 26, 2016 at 03:39:54PM -0700, Kees Cook wrote: >> On Tue, Apr 26, 2016 at 3:26 PM, Serge E. Hallyn wrote: >>> Quoting Kees Cook (keesc...@chromium.org): On Fri, Apr 22, 2016 at 10:26 AM, wrote: > From: Serge Hallyn > ...

Re: [PATCH 1/1] simplified security.nscapability xattr

On Tue, Apr 26, 2016 at 03:39:54PM -0700, Kees Cook wrote: > On Tue, Apr 26, 2016 at 3:26 PM, Serge E. Hallyn wrote: > > Quoting Kees Cook (keesc...@chromium.org): > >> On Fri, Apr 22, 2016 at 10:26 AM, wrote: > >> > From: Serge Hallyn

Re: [PATCH 1/1] simplified security.nscapability xattr

On Tue, Apr 26, 2016 at 03:39:54PM -0700, Kees Cook wrote: > On Tue, Apr 26, 2016 at 3:26 PM, Serge E. Hallyn wrote: > > Quoting Kees Cook (keesc...@chromium.org): > >> On Fri, Apr 22, 2016 at 10:26 AM, wrote: > >> > From: Serge Hallyn ... > >> This looks like userspace must knowingly be aware

Re: [PATCH 1/1] simplified security.nscapability xattr

On Tue, Apr 26, 2016 at 03:39:54PM -0700, Kees Cook wrote: > On Tue, Apr 26, 2016 at 3:26 PM, Serge E. Hallyn wrote: > > Quoting Kees Cook (keesc...@chromium.org): > >> On Fri, Apr 22, 2016 at 10:26 AM, wrote: > >> > From: Serge Hallyn

Re: [PATCH 1/1] simplified security.nscapability xattr

On Tue, Apr 26, 2016 at 03:39:54PM -0700, Kees Cook wrote: > On Tue, Apr 26, 2016 at 3:26 PM, Serge E. Hallyn wrote: > > Quoting Kees Cook (keesc...@chromium.org): > >> On Fri, Apr 22, 2016 at 10:26 AM, wrote: > >> > From: Serge Hallyn > >> > > >> > This can only be set by root in his own

Re: [PATCH 1/1] simplified security.nscapability xattr

Quoting Kees Cook (keesc...@chromium.org): > On Tue, Apr 26, 2016 at 3:26 PM, Serge E. Hallyn wrote: > > Quoting Kees Cook (keesc...@chromium.org): > >> On Fri, Apr 22, 2016 at 10:26 AM, wrote: > >> > From: Serge Hallyn > >> >

Re: [PATCH 1/1] simplified security.nscapability xattr

Quoting Kees Cook (keesc...@chromium.org): > On Tue, Apr 26, 2016 at 3:26 PM, Serge E. Hallyn wrote: > > Quoting Kees Cook (keesc...@chromium.org): > >> On Fri, Apr 22, 2016 at 10:26 AM, wrote: > >> > From: Serge Hallyn > >> > > >> > This can only be set by root in his own namespace, and will

Re: [PATCH 1/1] simplified security.nscapability xattr

On Tue, Apr 26, 2016 at 3:26 PM, Serge E. Hallyn wrote: > Quoting Kees Cook (keesc...@chromium.org): >> On Fri, Apr 22, 2016 at 10:26 AM, wrote: >> > From: Serge Hallyn >> > >> > This can only be set by root in his own

Re: [PATCH 1/1] simplified security.nscapability xattr

On Tue, Apr 26, 2016 at 3:26 PM, Serge E. Hallyn wrote: > Quoting Kees Cook (keesc...@chromium.org): >> On Fri, Apr 22, 2016 at 10:26 AM, wrote: >> > From: Serge Hallyn >> > >> > This can only be set by root in his own namespace, and will >> > only be respected by namespaces with that same

Re: [PATCH 1/1] simplified security.nscapability xattr

Quoting Kees Cook (keesc...@chromium.org): > On Fri, Apr 22, 2016 at 10:26 AM, wrote: > > From: Serge Hallyn > > > > This can only be set by root in his own namespace, and will > > only be respected by namespaces with that same root kuid > >

Re: [PATCH 1/1] simplified security.nscapability xattr

Quoting Kees Cook (keesc...@chromium.org): > On Fri, Apr 22, 2016 at 10:26 AM, wrote: > > From: Serge Hallyn > > > > This can only be set by root in his own namespace, and will > > only be respected by namespaces with that same root kuid > > mapped as root, or namespaces descended from it. > >

Re: [PATCH 1/1] simplified security.nscapability xattr

On Fri, Apr 22, 2016 at 10:26 AM, wrote: > From: Serge Hallyn > > This can only be set by root in his own namespace, and will > only be respected by namespaces with that same root kuid > mapped as root, or namespaces descended from it. > > This

Re: [PATCH 1/1] simplified security.nscapability xattr

On Fri, Apr 22, 2016 at 10:26 AM, wrote: > From: Serge Hallyn > > This can only be set by root in his own namespace, and will > only be respected by namespaces with that same root kuid > mapped as root, or namespaces descended from it. > > This allows a simple setxattr to work, allows tar/untar

Re: [PATCH 1/1] simplified security.nscapability xattr

On Fri, Apr 22, 2016 at 12:26:33PM -0500, serge.hal...@ubuntu.com wrote: > From: Serge Hallyn > > This can only be set by root in his own namespace, and will > only be respected by namespaces with that same root kuid > mapped as root, or namespaces descended from it. >

Re: [PATCH 1/1] simplified security.nscapability xattr

On Fri, Apr 22, 2016 at 12:26:33PM -0500, serge.hal...@ubuntu.com wrote: > From: Serge Hallyn > > This can only be set by root in his own namespace, and will > only be respected by namespaces with that same root kuid > mapped as root, or namespaces descended from it. > > This allows a simple

[PATCH 1/1] simplified security.nscapability xattr

From: Serge Hallyn This can only be set by root in his own namespace, and will only be respected by namespaces with that same root kuid mapped as root, or namespaces descended from it. This allows a simple setxattr to work, allows tar/untar to work, and allows us to tar

[PATCH 1/1] simplified security.nscapability xattr

From: Serge Hallyn This can only be set by root in his own namespace, and will only be respected by namespaces with that same root kuid mapped as root, or namespaces descended from it. This allows a simple setxattr to work, allows tar/untar to work, and allows us to tar in one namespace and