On Mon, May 16, 2016 at 04:15:23PM -0500, Serge E. Hallyn wrote:
> Quoting Serge E. Hallyn (se...@hallyn.com):
> ...
> > There's a problem though. The above suffices to prevent an unprivileged
> > user
> > in a user_ns from unsharing a user_ns to write a file capability and exploit
> > that
On Mon, May 16, 2016 at 04:15:23PM -0500, Serge E. Hallyn wrote:
> Quoting Serge E. Hallyn (se...@hallyn.com):
> ...
> > There's a problem though. The above suffices to prevent an unprivileged
> > user
> > in a user_ns from unsharing a user_ns to write a file capability and exploit
> > that
Quoting Serge E. Hallyn (se...@hallyn.com):
...
> There's a problem though. The above suffices to prevent an unprivileged user
> in a user_ns from unsharing a user_ns to write a file capability and exploit
> that capability in the ns where he is unprivileged. With one exception, which
> is the
Quoting Serge E. Hallyn (se...@hallyn.com):
...
> There's a problem though. The above suffices to prevent an unprivileged user
> in a user_ns from unsharing a user_ns to write a file capability and exploit
> that capability in the ns where he is unprivileged. With one exception, which
> is the
Quoting Jann Horn (j...@thejh.net):
> On Tue, May 03, 2016 at 12:54:40AM -0500, Eric W. Biederman wrote:
> > "Serge E. Hallyn" writes:
> >
> > > Quoting Andrew G. Morgan (mor...@kernel.org):
> > >>
> > >> I guess I'm confused how we have strayed so far that this isn't an
> >
Quoting Jann Horn (j...@thejh.net):
> On Tue, May 03, 2016 at 12:54:40AM -0500, Eric W. Biederman wrote:
> > "Serge E. Hallyn" writes:
> >
> > > Quoting Andrew G. Morgan (mor...@kernel.org):
> > >>
> > >> I guess I'm confused how we have strayed so far that this isn't an
> > >> obvious
> > >>
Quoting Serge E. Hallyn (se...@hallyn.com):
> Quoting Eric W. Biederman (ebied...@xmission.com):
> > "Serge E. Hallyn" writes:
> >
> > > Quoting Andrew G. Morgan (mor...@kernel.org):
> > >>
> > >> I guess I'm confused how we have strayed so far that this isn't an
> > >>
Quoting Serge E. Hallyn (se...@hallyn.com):
> Quoting Eric W. Biederman (ebied...@xmission.com):
> > "Serge E. Hallyn" writes:
> >
> > > Quoting Andrew G. Morgan (mor...@kernel.org):
> > >>
> > >> I guess I'm confused how we have strayed so far that this isn't an
> > >> obvious
> > >>
Quoting Eric W. Biederman (ebied...@xmission.com):
> "Andrew G. Morgan" writes:
>
> > On 2 May 2016 6:04 p.m., "Eric W. Biederman"
> > wrote:
> >>
> >> "Serge E. Hallyn" writes:
> >>
> >> > On Tue, Apr 26, 2016 at 03:39:54PM -0700,
Quoting Eric W. Biederman (ebied...@xmission.com):
> "Andrew G. Morgan" writes:
>
> > On 2 May 2016 6:04 p.m., "Eric W. Biederman"
> > wrote:
> >>
> >> "Serge E. Hallyn" writes:
> >>
> >> > On Tue, Apr 26, 2016 at 03:39:54PM -0700, Kees Cook wrote:
> >> >> On Tue, Apr 26, 2016 at 3:26 PM,
On Tue, May 03, 2016 at 12:54:40AM -0500, Eric W. Biederman wrote:
> "Serge E. Hallyn" writes:
>
> > Quoting Andrew G. Morgan (mor...@kernel.org):
> >>
> >> I guess I'm confused how we have strayed so far that this isn't an obvious
> >> requirement. Uid=0 as being the root of
On Tue, May 03, 2016 at 12:54:40AM -0500, Eric W. Biederman wrote:
> "Serge E. Hallyn" writes:
>
> > Quoting Andrew G. Morgan (mor...@kernel.org):
> >>
> >> I guess I'm confused how we have strayed so far that this isn't an obvious
> >> requirement. Uid=0 as being the root of privilege was the
Quoting Eric W. Biederman (ebied...@xmission.com):
> "Serge E. Hallyn" writes:
>
> > Quoting Andrew G. Morgan (mor...@kernel.org):
> >>
> >> I guess I'm confused how we have strayed so far that this isn't an obvious
> >> requirement. Uid=0 as being the root of privilege was
Quoting Eric W. Biederman (ebied...@xmission.com):
> "Serge E. Hallyn" writes:
>
> > Quoting Andrew G. Morgan (mor...@kernel.org):
> >>
> >> I guess I'm confused how we have strayed so far that this isn't an obvious
> >> requirement. Uid=0 as being the root of privilege was the basic problem
>
"Serge E. Hallyn" writes:
> Quoting Andrew G. Morgan (mor...@kernel.org):
>>
>> I guess I'm confused how we have strayed so far that this isn't an obvious
>> requirement. Uid=0 as being the root of privilege was the basic problem
>> that capabilities were designed to change.
>
"Serge E. Hallyn" writes:
> Quoting Andrew G. Morgan (mor...@kernel.org):
>>
>> I guess I'm confused how we have strayed so far that this isn't an obvious
>> requirement. Uid=0 as being the root of privilege was the basic problem
>> that capabilities were designed to change.
>
> The task
Quoting Andrew G. Morgan (mor...@kernel.org):
> On 2 May 2016 6:04 p.m., "Eric W. Biederman" wrote:
> >
> > "Serge E. Hallyn" writes:
> >
> > > On Tue, Apr 26, 2016 at 03:39:54PM -0700, Kees Cook wrote:
> > >> On Tue, Apr 26, 2016 at 3:26 PM, Serge E.
Quoting Andrew G. Morgan (mor...@kernel.org):
> On 2 May 2016 6:04 p.m., "Eric W. Biederman" wrote:
> >
> > "Serge E. Hallyn" writes:
> >
> > > On Tue, Apr 26, 2016 at 03:39:54PM -0700, Kees Cook wrote:
> > >> On Tue, Apr 26, 2016 at 3:26 PM, Serge E. Hallyn
> wrote:
> > >> > Quoting Kees Cook
"Andrew G. Morgan" writes:
> On 2 May 2016 6:04 p.m., "Eric W. Biederman"
> wrote:
>>
>> "Serge E. Hallyn" writes:
>>
>> > On Tue, Apr 26, 2016 at 03:39:54PM -0700, Kees Cook wrote:
>> >> On Tue, Apr 26, 2016 at 3:26 PM, Serge E.
"Andrew G. Morgan" writes:
> On 2 May 2016 6:04 p.m., "Eric W. Biederman"
> wrote:
>>
>> "Serge E. Hallyn" writes:
>>
>> > On Tue, Apr 26, 2016 at 03:39:54PM -0700, Kees Cook wrote:
>> >> On Tue, Apr 26, 2016 at 3:26 PM, Serge E. Hallyn
> wrote:
>> >> > Quoting Kees Cook
"Serge E. Hallyn" writes:
> On Tue, Apr 26, 2016 at 03:39:54PM -0700, Kees Cook wrote:
>> On Tue, Apr 26, 2016 at 3:26 PM, Serge E. Hallyn wrote:
>> > Quoting Kees Cook (keesc...@chromium.org):
>> >> On Fri, Apr 22, 2016 at 10:26 AM,
"Serge E. Hallyn" writes:
> On Tue, Apr 26, 2016 at 03:39:54PM -0700, Kees Cook wrote:
>> On Tue, Apr 26, 2016 at 3:26 PM, Serge E. Hallyn wrote:
>> > Quoting Kees Cook (keesc...@chromium.org):
>> >> On Fri, Apr 22, 2016 at 10:26 AM, wrote:
>> >> > From: Serge Hallyn
> ...
>> >> This looks
On 05/02/2016 05:54 AM, Serge E. Hallyn wrote:
> On Tue, Apr 26, 2016 at 03:39:54PM -0700, Kees Cook wrote:
>> On Tue, Apr 26, 2016 at 3:26 PM, Serge E. Hallyn wrote:
>>> Quoting Kees Cook (keesc...@chromium.org):
On Fri, Apr 22, 2016 at 10:26 AM,
On 05/02/2016 05:54 AM, Serge E. Hallyn wrote:
> On Tue, Apr 26, 2016 at 03:39:54PM -0700, Kees Cook wrote:
>> On Tue, Apr 26, 2016 at 3:26 PM, Serge E. Hallyn wrote:
>>> Quoting Kees Cook (keesc...@chromium.org):
On Fri, Apr 22, 2016 at 10:26 AM, wrote:
> From: Serge Hallyn
> ...
On Tue, Apr 26, 2016 at 03:39:54PM -0700, Kees Cook wrote:
> On Tue, Apr 26, 2016 at 3:26 PM, Serge E. Hallyn wrote:
> > Quoting Kees Cook (keesc...@chromium.org):
> >> On Fri, Apr 22, 2016 at 10:26 AM, wrote:
> >> > From: Serge Hallyn
On Tue, Apr 26, 2016 at 03:39:54PM -0700, Kees Cook wrote:
> On Tue, Apr 26, 2016 at 3:26 PM, Serge E. Hallyn wrote:
> > Quoting Kees Cook (keesc...@chromium.org):
> >> On Fri, Apr 22, 2016 at 10:26 AM, wrote:
> >> > From: Serge Hallyn
...
> >> This looks like userspace must knowingly be aware
On Tue, Apr 26, 2016 at 03:39:54PM -0700, Kees Cook wrote:
> On Tue, Apr 26, 2016 at 3:26 PM, Serge E. Hallyn wrote:
> > Quoting Kees Cook (keesc...@chromium.org):
> >> On Fri, Apr 22, 2016 at 10:26 AM, wrote:
> >> > From: Serge Hallyn
On Tue, Apr 26, 2016 at 03:39:54PM -0700, Kees Cook wrote:
> On Tue, Apr 26, 2016 at 3:26 PM, Serge E. Hallyn wrote:
> > Quoting Kees Cook (keesc...@chromium.org):
> >> On Fri, Apr 22, 2016 at 10:26 AM, wrote:
> >> > From: Serge Hallyn
> >> >
> >> > This can only be set by root in his own
Quoting Kees Cook (keesc...@chromium.org):
> On Tue, Apr 26, 2016 at 3:26 PM, Serge E. Hallyn wrote:
> > Quoting Kees Cook (keesc...@chromium.org):
> >> On Fri, Apr 22, 2016 at 10:26 AM, wrote:
> >> > From: Serge Hallyn
> >> >
Quoting Kees Cook (keesc...@chromium.org):
> On Tue, Apr 26, 2016 at 3:26 PM, Serge E. Hallyn wrote:
> > Quoting Kees Cook (keesc...@chromium.org):
> >> On Fri, Apr 22, 2016 at 10:26 AM, wrote:
> >> > From: Serge Hallyn
> >> >
> >> > This can only be set by root in his own namespace, and will
On Tue, Apr 26, 2016 at 3:26 PM, Serge E. Hallyn wrote:
> Quoting Kees Cook (keesc...@chromium.org):
>> On Fri, Apr 22, 2016 at 10:26 AM, wrote:
>> > From: Serge Hallyn
>> >
>> > This can only be set by root in his own
On Tue, Apr 26, 2016 at 3:26 PM, Serge E. Hallyn wrote:
> Quoting Kees Cook (keesc...@chromium.org):
>> On Fri, Apr 22, 2016 at 10:26 AM, wrote:
>> > From: Serge Hallyn
>> >
>> > This can only be set by root in his own namespace, and will
>> > only be respected by namespaces with that same
Quoting Kees Cook (keesc...@chromium.org):
> On Fri, Apr 22, 2016 at 10:26 AM, wrote:
> > From: Serge Hallyn
> >
> > This can only be set by root in his own namespace, and will
> > only be respected by namespaces with that same root kuid
> >
Quoting Kees Cook (keesc...@chromium.org):
> On Fri, Apr 22, 2016 at 10:26 AM, wrote:
> > From: Serge Hallyn
> >
> > This can only be set by root in his own namespace, and will
> > only be respected by namespaces with that same root kuid
> > mapped as root, or namespaces descended from it.
> >
On Fri, Apr 22, 2016 at 10:26 AM, wrote:
> From: Serge Hallyn
>
> This can only be set by root in his own namespace, and will
> only be respected by namespaces with that same root kuid
> mapped as root, or namespaces descended from it.
>
> This
On Fri, Apr 22, 2016 at 10:26 AM, wrote:
> From: Serge Hallyn
>
> This can only be set by root in his own namespace, and will
> only be respected by namespaces with that same root kuid
> mapped as root, or namespaces descended from it.
>
> This allows a simple setxattr to work, allows tar/untar
On Fri, Apr 22, 2016 at 12:26:33PM -0500, serge.hal...@ubuntu.com wrote:
> From: Serge Hallyn
>
> This can only be set by root in his own namespace, and will
> only be respected by namespaces with that same root kuid
> mapped as root, or namespaces descended from it.
>
On Fri, Apr 22, 2016 at 12:26:33PM -0500, serge.hal...@ubuntu.com wrote:
> From: Serge Hallyn
>
> This can only be set by root in his own namespace, and will
> only be respected by namespaces with that same root kuid
> mapped as root, or namespaces descended from it.
>
> This allows a simple
38 matches
Mail list logo