Quoting Eric W. Biederman (ebied...@xmission.com):
> Theodore Ts'o writes:
>
> > On Wed, Apr 30, 2014 at 12:16:41AM +, Serge Hallyn wrote:
> >> I forget the details, but there was another case where I wanted to
> >> have the userns which 'owns' the whole fs available. I guess we'd
> >> have
Theodore Ts'o writes:
> On Wed, Apr 30, 2014 at 12:16:41AM +, Serge Hallyn wrote:
>> I forget the details, but there was another case where I wanted to
>> have the userns which 'owns' the whole fs available. I guess we'd
>> have to check against that instead of using inode_capable.
>
> Yes,
On Tue, Apr 29, 2014 at 5:44 PM, Serge Hallyn wrote:
> Quoting Andy Lutomirski (l...@amacapital.net):
>> On Tue, Apr 29, 2014 at 5:21 PM, Serge Hallyn
>> wrote:
>> > Quoting Andy Lutomirski (l...@amacapital.net):
>> >> > It should be a nonissue so long as we make sure that a file owned by a
>> >
Quoting Andy Lutomirski (l...@amacapital.net):
> On Tue, Apr 29, 2014 at 5:21 PM, Serge Hallyn wrote:
> > Quoting Andy Lutomirski (l...@amacapital.net):
> >> > It should be a nonissue so long as we make sure that a file owned by a
> >> > uid outside the scope of the container may not be changed ev
Quoting Theodore Ts'o (ty...@mit.edu):
> On Wed, Apr 30, 2014 at 12:16:41AM +, Serge Hallyn wrote:
> > I forget the details, but there was another case where I wanted to
> > have the userns which 'owns' the whole fs available. I guess we'd
> > have to check against that instead of using inode_
On Tue, Apr 29, 2014 at 5:32 PM, Theodore Ts'o wrote:
> On Wed, Apr 30, 2014 at 12:16:41AM +, Serge Hallyn wrote:
>> I forget the details, but there was another case where I wanted to
>> have the userns which 'owns' the whole fs available. I guess we'd
>> have to check against that instead of
On Wed, Apr 30, 2014 at 12:16:41AM +, Serge Hallyn wrote:
> I forget the details, but there was another case where I wanted to
> have the userns which 'owns' the whole fs available. I guess we'd
> have to check against that instead of using inode_capable.
Yes, that sounds right.
And *please*
On Tue, Apr 29, 2014 at 5:21 PM, Serge Hallyn wrote:
> Quoting Andy Lutomirski (l...@amacapital.net):
>> > It should be a nonissue so long as we make sure that a file owned by a
>> > uid outside the scope of the container may not be changed even though
>> > fs_owner_uid is set. Otherwise, it's jus
Quoting Andy Lutomirski (l...@amacapital.net):
> On Tue, Apr 29, 2014 at 5:01 PM, Stéphane Graber wrote:
> > On Tue, Apr 29, 2014 at 04:51:54PM -0700, Andy Lutomirski wrote:
> >> On Tue, Apr 29, 2014 at 4:47 PM, Stéphane Graber
> >> wrote:
> >> > On Tue, Apr 29, 2014 at 04:22:55PM -0700, Andy Lu
Quoting Andy Lutomirski (l...@amacapital.net):
> On 04/29/2014 03:29 PM, Serge Hallyn wrote:
> > Quoting Marian Marinov (mm-108mbtlg...@public.gmane.org):
> >> On 04/30/2014 01:02 AM, Serge Hallyn wrote:
> >>> Quoting Marian Marinov (mm-108mbtlg...@public.gmane.org):
> On 04/29/2014 09:52 PM,
On Tue, Apr 29, 2014 at 5:10 PM, Marian Marinov wrote:
> On 04/30/2014 03:01 AM, Stéphane Graber wrote:
>>
>> On Tue, Apr 29, 2014 at 04:51:54PM -0700, Andy Lutomirski wrote:
>>>
>>> On Tue, Apr 29, 2014 at 4:47 PM, Stéphane Graber
>>> wrote:
On Tue, Apr 29, 2014 at 04:22:55PM -0700, An
On Tue, Apr 29, 2014 at 5:01 PM, Stéphane Graber wrote:
> On Tue, Apr 29, 2014 at 04:51:54PM -0700, Andy Lutomirski wrote:
>> On Tue, Apr 29, 2014 at 4:47 PM, Stéphane Graber wrote:
>> > On Tue, Apr 29, 2014 at 04:22:55PM -0700, Andy Lutomirski wrote:
>> >> On Tue, Apr 29, 2014 at 4:20 PM, Marian
On 04/30/2014 03:01 AM, Stéphane Graber wrote:
On Tue, Apr 29, 2014 at 04:51:54PM -0700, Andy Lutomirski wrote:
On Tue, Apr 29, 2014 at 4:47 PM, Stéphane Graber wrote:
On Tue, Apr 29, 2014 at 04:22:55PM -0700, Andy Lutomirski wrote:
On Tue, Apr 29, 2014 at 4:20 PM, Marian Marinov wrote:
On
On Tue, Apr 29, 2014 at 04:51:54PM -0700, Andy Lutomirski wrote:
> On Tue, Apr 29, 2014 at 4:47 PM, Stéphane Graber wrote:
> > On Tue, Apr 29, 2014 at 04:22:55PM -0700, Andy Lutomirski wrote:
> >> On Tue, Apr 29, 2014 at 4:20 PM, Marian Marinov wrote:
> >> > On 04/30/2014 01:45 AM, Andy Lutomirsk
On Tue, Apr 29, 2014 at 04:22:55PM -0700, Andy Lutomirski wrote:
> On Tue, Apr 29, 2014 at 4:20 PM, Marian Marinov wrote:
> > On 04/30/2014 01:45 AM, Andy Lutomirski wrote:
> >>
> >> On 04/29/2014 03:29 PM, Serge Hallyn wrote:
> >>>
> >>> Quoting Marian Marinov (mm-108mbtlg...@public.gmane.org):
>
On Tue, Apr 29, 2014 at 4:47 PM, Stéphane Graber wrote:
> On Tue, Apr 29, 2014 at 04:22:55PM -0700, Andy Lutomirski wrote:
>> On Tue, Apr 29, 2014 at 4:20 PM, Marian Marinov wrote:
>> > On 04/30/2014 01:45 AM, Andy Lutomirski wrote:
>> >>
>> >> On 04/29/2014 03:29 PM, Serge Hallyn wrote:
>> >>>
>
On Tue, Apr 29, 2014 at 4:20 PM, Marian Marinov wrote:
> On 04/30/2014 01:45 AM, Andy Lutomirski wrote:
>>
>> On 04/29/2014 03:29 PM, Serge Hallyn wrote:
>>>
>>> Quoting Marian Marinov (mm-108mbtlg...@public.gmane.org):
On 04/30/2014 01:02 AM, Serge Hallyn wrote:
>
> Quoting Mari
On 04/30/2014 01:45 AM, Andy Lutomirski wrote:
On 04/29/2014 03:29 PM, Serge Hallyn wrote:
Quoting Marian Marinov (mm-108mbtlg...@public.gmane.org):
On 04/30/2014 01:02 AM, Serge Hallyn wrote:
Quoting Marian Marinov (mm-108mbtlg...@public.gmane.org):
On 04/29/2014 09:52 PM, Serge Hallyn wrote
On Tue, Apr 29, 2014 at 4:06 PM, Theodore Ts'o wrote:
> On Tue, Apr 29, 2014 at 03:45:24PM -0700, Andy Lutomirski wrote:
>>
>> Wait, what?
>>
>> Inodes aren't owned by user namespaces; they're owned by users. And any
>> user can arrange to have a user namespace in which they pass an
>> inode_capa
On Tue, Apr 29, 2014 at 03:45:24PM -0700, Andy Lutomirski wrote:
>
> Wait, what?
>
> Inodes aren't owned by user namespaces; they're owned by users. And any
> user can arrange to have a user namespace in which they pass an
> inode_capable check on any inode that they own.
>
> Presumably there's
On 04/29/2014 03:29 PM, Serge Hallyn wrote:
> Quoting Marian Marinov (mm-108mbtlg...@public.gmane.org):
>> On 04/30/2014 01:02 AM, Serge Hallyn wrote:
>>> Quoting Marian Marinov (mm-108mbtlg...@public.gmane.org):
On 04/29/2014 09:52 PM, Serge Hallyn wrote:
> Quoting Theodore Ts'o (tytso-3s
Quoting Marian Marinov (m...@1h.com):
> On 04/30/2014 01:02 AM, Serge Hallyn wrote:
> >Quoting Marian Marinov (m...@1h.com):
> >>On 04/29/2014 09:52 PM, Serge Hallyn wrote:
> >>>Quoting Theodore Ts'o (ty...@mit.edu):
> On Tue, Apr 29, 2014 at 04:49:14PM +0300, Marian Marinov wrote:
> >
> >>
On 04/30/2014 01:02 AM, Serge Hallyn wrote:
Quoting Marian Marinov (m...@1h.com):
On 04/29/2014 09:52 PM, Serge Hallyn wrote:
Quoting Theodore Ts'o (ty...@mit.edu):
On Tue, Apr 29, 2014 at 04:49:14PM +0300, Marian Marinov wrote:
I'm proposing a fix to this, by replacing the capable(CAP_LINUX
Quoting Marian Marinov (m...@1h.com):
> On 04/29/2014 09:52 PM, Serge Hallyn wrote:
> >Quoting Theodore Ts'o (ty...@mit.edu):
> >>On Tue, Apr 29, 2014 at 04:49:14PM +0300, Marian Marinov wrote:
> >>>
> >>>I'm proposing a fix to this, by replacing the capable(CAP_LINUX_IMMUTABLE)
> >>>check with ns_
On 04/29/2014 09:52 PM, Serge Hallyn wrote:
Quoting Theodore Ts'o (ty...@mit.edu):
On Tue, Apr 29, 2014 at 04:49:14PM +0300, Marian Marinov wrote:
I'm proposing a fix to this, by replacing the capable(CAP_LINUX_IMMUTABLE)
check with ns_capable(current_cred()->user_ns, CAP_LINUX_IMMUTABLE).
U
Quoting Theodore Ts'o (ty...@mit.edu):
> On Tue, Apr 29, 2014 at 04:49:14PM +0300, Marian Marinov wrote:
> >
> > I'm proposing a fix to this, by replacing the capable(CAP_LINUX_IMMUTABLE)
> > check with ns_capable(current_cred()->user_ns, CAP_LINUX_IMMUTABLE).
>
> Um, wouldn't it be better to sim
On Tue, Apr 29, 2014 at 04:49:14PM +0300, Marian Marinov wrote:
>
> I'm proposing a fix to this, by replacing the capable(CAP_LINUX_IMMUTABLE)
> check with ns_capable(current_cred()->user_ns, CAP_LINUX_IMMUTABLE).
Um, wouldn't it be better to simply fix the capable() function?
/**
* capable - D
Hello,
when using user namespaces I found a bug in the capability checks done by ioctl.
If someone tries to use chattr +i while in a different user namespace it will
get the following:
ioctl(3, EXT2_IOC_SETFLAGS, 0x7fffa4fedacc) = -1 EPERM (Operation not permitted)
I'm proposing a fix to this,