Quoting Eric W. Biederman (ebied...@xmission.com):
> Theodore Ts'o writes:
>
> > On Wed, Apr 30, 2014 at 12:16:41AM +, Serge Hallyn wrote:
> >> I forget the details, but there was another case where I wanted to
> >> have the userns which 'owns' the whole fs available. I guess we'd
> >> have
Theodore Ts'o writes:
> On Wed, Apr 30, 2014 at 12:16:41AM +, Serge Hallyn wrote:
>> I forget the details, but there was another case where I wanted to
>> have the userns which 'owns' the whole fs available. I guess we'd
>> have to check against that instead of using inode_capable.
>
> Yes,
On Tue, Apr 29, 2014 at 5:44 PM, Serge Hallyn wrote:
> Quoting Andy Lutomirski (l...@amacapital.net):
>> On Tue, Apr 29, 2014 at 5:21 PM, Serge Hallyn
>> wrote:
>> > Quoting Andy Lutomirski (l...@amacapital.net):
>> >> > It should be a nonissue so long as we make sure that a file owned by a
>>
Quoting Andy Lutomirski (l...@amacapital.net):
> On Tue, Apr 29, 2014 at 5:21 PM, Serge Hallyn wrote:
> > Quoting Andy Lutomirski (l...@amacapital.net):
> >> > It should be a nonissue so long as we make sure that a file owned by a
> >> > uid outside the scope of the container may not be changed
Quoting Theodore Ts'o (ty...@mit.edu):
> On Wed, Apr 30, 2014 at 12:16:41AM +, Serge Hallyn wrote:
> > I forget the details, but there was another case where I wanted to
> > have the userns which 'owns' the whole fs available. I guess we'd
> > have to check against that instead of using
On Tue, Apr 29, 2014 at 5:32 PM, Theodore Ts'o wrote:
> On Wed, Apr 30, 2014 at 12:16:41AM +, Serge Hallyn wrote:
>> I forget the details, but there was another case where I wanted to
>> have the userns which 'owns' the whole fs available. I guess we'd
>> have to check against that instead
On Wed, Apr 30, 2014 at 12:16:41AM +, Serge Hallyn wrote:
> I forget the details, but there was another case where I wanted to
> have the userns which 'owns' the whole fs available. I guess we'd
> have to check against that instead of using inode_capable.
Yes, that sounds right.
And
On Tue, Apr 29, 2014 at 5:21 PM, Serge Hallyn wrote:
> Quoting Andy Lutomirski (l...@amacapital.net):
>> > It should be a nonissue so long as we make sure that a file owned by a
>> > uid outside the scope of the container may not be changed even though
>> > fs_owner_uid is set. Otherwise, it's
Quoting Andy Lutomirski (l...@amacapital.net):
> On Tue, Apr 29, 2014 at 5:01 PM, Stéphane Graber wrote:
> > On Tue, Apr 29, 2014 at 04:51:54PM -0700, Andy Lutomirski wrote:
> >> On Tue, Apr 29, 2014 at 4:47 PM, Stéphane Graber
> >> wrote:
> >> > On Tue, Apr 29, 2014 at 04:22:55PM -0700, Andy
Quoting Andy Lutomirski (l...@amacapital.net):
> On 04/29/2014 03:29 PM, Serge Hallyn wrote:
> > Quoting Marian Marinov (mm-108mbtlg...@public.gmane.org):
> >> On 04/30/2014 01:02 AM, Serge Hallyn wrote:
> >>> Quoting Marian Marinov (mm-108mbtlg...@public.gmane.org):
> On 04/29/2014 09:52 PM,
On Tue, Apr 29, 2014 at 5:10 PM, Marian Marinov wrote:
> On 04/30/2014 03:01 AM, Stéphane Graber wrote:
>>
>> On Tue, Apr 29, 2014 at 04:51:54PM -0700, Andy Lutomirski wrote:
>>>
>>> On Tue, Apr 29, 2014 at 4:47 PM, Stéphane Graber
>>> wrote:
On Tue, Apr 29, 2014 at 04:22:55PM -0700,
On Tue, Apr 29, 2014 at 5:01 PM, Stéphane Graber wrote:
> On Tue, Apr 29, 2014 at 04:51:54PM -0700, Andy Lutomirski wrote:
>> On Tue, Apr 29, 2014 at 4:47 PM, Stéphane Graber wrote:
>> > On Tue, Apr 29, 2014 at 04:22:55PM -0700, Andy Lutomirski wrote:
>> >> On Tue, Apr 29, 2014 at 4:20 PM,
On 04/30/2014 03:01 AM, Stéphane Graber wrote:
On Tue, Apr 29, 2014 at 04:51:54PM -0700, Andy Lutomirski wrote:
On Tue, Apr 29, 2014 at 4:47 PM, Stéphane Graber wrote:
On Tue, Apr 29, 2014 at 04:22:55PM -0700, Andy Lutomirski wrote:
On Tue, Apr 29, 2014 at 4:20 PM, Marian Marinov wrote:
On
On Tue, Apr 29, 2014 at 04:51:54PM -0700, Andy Lutomirski wrote:
> On Tue, Apr 29, 2014 at 4:47 PM, Stéphane Graber wrote:
> > On Tue, Apr 29, 2014 at 04:22:55PM -0700, Andy Lutomirski wrote:
> >> On Tue, Apr 29, 2014 at 4:20 PM, Marian Marinov wrote:
> >> > On 04/30/2014 01:45 AM, Andy
On Tue, Apr 29, 2014 at 04:22:55PM -0700, Andy Lutomirski wrote:
> On Tue, Apr 29, 2014 at 4:20 PM, Marian Marinov wrote:
> > On 04/30/2014 01:45 AM, Andy Lutomirski wrote:
> >>
> >> On 04/29/2014 03:29 PM, Serge Hallyn wrote:
> >>>
> >>> Quoting Marian Marinov (mm-108mbtlg...@public.gmane.org):
On Tue, Apr 29, 2014 at 4:47 PM, Stéphane Graber wrote:
> On Tue, Apr 29, 2014 at 04:22:55PM -0700, Andy Lutomirski wrote:
>> On Tue, Apr 29, 2014 at 4:20 PM, Marian Marinov wrote:
>> > On 04/30/2014 01:45 AM, Andy Lutomirski wrote:
>> >>
>> >> On 04/29/2014 03:29 PM, Serge Hallyn wrote:
>> >>>
On Tue, Apr 29, 2014 at 4:20 PM, Marian Marinov wrote:
> On 04/30/2014 01:45 AM, Andy Lutomirski wrote:
>>
>> On 04/29/2014 03:29 PM, Serge Hallyn wrote:
>>>
>>> Quoting Marian Marinov (mm-108mbtlg...@public.gmane.org):
On 04/30/2014 01:02 AM, Serge Hallyn wrote:
>
> Quoting
On 04/30/2014 01:45 AM, Andy Lutomirski wrote:
On 04/29/2014 03:29 PM, Serge Hallyn wrote:
Quoting Marian Marinov (mm-108mbtlg...@public.gmane.org):
On 04/30/2014 01:02 AM, Serge Hallyn wrote:
Quoting Marian Marinov (mm-108mbtlg...@public.gmane.org):
On 04/29/2014 09:52 PM, Serge Hallyn
On Tue, Apr 29, 2014 at 4:06 PM, Theodore Ts'o wrote:
> On Tue, Apr 29, 2014 at 03:45:24PM -0700, Andy Lutomirski wrote:
>>
>> Wait, what?
>>
>> Inodes aren't owned by user namespaces; they're owned by users. And any
>> user can arrange to have a user namespace in which they pass an
>>
On Tue, Apr 29, 2014 at 03:45:24PM -0700, Andy Lutomirski wrote:
>
> Wait, what?
>
> Inodes aren't owned by user namespaces; they're owned by users. And any
> user can arrange to have a user namespace in which they pass an
> inode_capable check on any inode that they own.
>
> Presumably
On 04/29/2014 03:29 PM, Serge Hallyn wrote:
> Quoting Marian Marinov (mm-108mbtlg...@public.gmane.org):
>> On 04/30/2014 01:02 AM, Serge Hallyn wrote:
>>> Quoting Marian Marinov (mm-108mbtlg...@public.gmane.org):
On 04/29/2014 09:52 PM, Serge Hallyn wrote:
> Quoting Theodore Ts'o
Quoting Marian Marinov (m...@1h.com):
> On 04/30/2014 01:02 AM, Serge Hallyn wrote:
> >Quoting Marian Marinov (m...@1h.com):
> >>On 04/29/2014 09:52 PM, Serge Hallyn wrote:
> >>>Quoting Theodore Ts'o (ty...@mit.edu):
> On Tue, Apr 29, 2014 at 04:49:14PM +0300, Marian Marinov wrote:
> >
>
On 04/30/2014 01:02 AM, Serge Hallyn wrote:
Quoting Marian Marinov (m...@1h.com):
On 04/29/2014 09:52 PM, Serge Hallyn wrote:
Quoting Theodore Ts'o (ty...@mit.edu):
On Tue, Apr 29, 2014 at 04:49:14PM +0300, Marian Marinov wrote:
I'm proposing a fix to this, by replacing the
Quoting Marian Marinov (m...@1h.com):
> On 04/29/2014 09:52 PM, Serge Hallyn wrote:
> >Quoting Theodore Ts'o (ty...@mit.edu):
> >>On Tue, Apr 29, 2014 at 04:49:14PM +0300, Marian Marinov wrote:
> >>>
> >>>I'm proposing a fix to this, by replacing the capable(CAP_LINUX_IMMUTABLE)
> >>>check with
On 04/29/2014 09:52 PM, Serge Hallyn wrote:
Quoting Theodore Ts'o (ty...@mit.edu):
On Tue, Apr 29, 2014 at 04:49:14PM +0300, Marian Marinov wrote:
I'm proposing a fix to this, by replacing the capable(CAP_LINUX_IMMUTABLE)
check with ns_capable(current_cred()->user_ns, CAP_LINUX_IMMUTABLE).
Quoting Theodore Ts'o (ty...@mit.edu):
> On Tue, Apr 29, 2014 at 04:49:14PM +0300, Marian Marinov wrote:
> >
> > I'm proposing a fix to this, by replacing the capable(CAP_LINUX_IMMUTABLE)
> > check with ns_capable(current_cred()->user_ns, CAP_LINUX_IMMUTABLE).
>
> Um, wouldn't it be better to
On Tue, Apr 29, 2014 at 04:49:14PM +0300, Marian Marinov wrote:
>
> I'm proposing a fix to this, by replacing the capable(CAP_LINUX_IMMUTABLE)
> check with ns_capable(current_cred()->user_ns, CAP_LINUX_IMMUTABLE).
Um, wouldn't it be better to simply fix the capable() function?
/**
* capable -
Hello,
when using user namespaces I found a bug in the capability checks done by ioctl.
If someone tries to use chattr +i while in a different user namespace it will
get the following:
ioctl(3, EXT2_IOC_SETFLAGS, 0x7fffa4fedacc) = -1 EPERM (Operation not permitted)
I'm proposing a fix to
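The thread above compares four ways of gating EXT2_IOC_SETFLAGS: the original capable(CAP_LINUX_IMMUTABLE), Marian's proposed ns_capable(current_cred()->user_ns, CAP_LINUX_IMMUTABLE), the inode_capable() check Andy objects to (any user can create a user namespace in which they pass it on inodes they own), and Serge's idea of checking against the userns that owns the whole filesystem. The following is an added example, not code from the thread and not kernel code: a userspace model of those checks, so the outcome of each one can be tabulated for an unprivileged user who made themselves root in a child namespace and for real root. The struct names, the single-range uid map, the all-or-nothing capability set, the fixture uids (1000 and 0) and the inode's s_user_ns field are constructed simplifications; only the namespace walk in model_ns_capable() follows the loop in the kernel's cap_capable().

```c
/*
 * Added example, not code from the thread and not kernel code: a userspace
 * model of the checks discussed for EXT2_IOC_SETFLAGS.  Namespace tree,
 * uid maps, credentials and inodes are constructed simplifications.
 */
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

#define CAP_LINUX_IMMUTABLE 9        /* same value as include/uapi/linux/capability.h */

struct user_ns {
    struct user_ns *parent;          /* NULL for the initial namespace */
    unsigned int owner;              /* kuid of the task that created this namespace */
    unsigned int map_lo, map_hi;     /* kuids mapped into this namespace (one contiguous range) */
};

struct cred {
    unsigned int euid;               /* effective uid as a kuid (initial-namespace view) */
    struct user_ns *user_ns;         /* namespace the task runs in */
    bool caps;                       /* simplification: all capabilities or none, within user_ns */
};

struct inode {
    unsigned int i_uid;              /* kuid of the file owner */
    struct user_ns *s_user_ns;       /* assumed field: the userns that "owns the whole fs" */
};

static struct user_ns init_ns = { NULL, 0, 0, 0xFFFFFFFFu };

static int ns_level(const struct user_ns *ns)
{
    int level = 0;
    for (; ns->parent; ns = ns->parent)
        level++;
    return level;
}

static bool kuid_has_mapping(const struct user_ns *ns, unsigned int kuid)
{
    return kuid >= ns->map_lo && kuid <= ns->map_hi;
}

/* Follows the walk in cap_capable(): a task holds @cap in @target if it is in
 * @target and has it, or if it created a namespace on the path from @target
 * up to the task's own namespace. */
static bool model_ns_capable(const struct cred *c, const struct user_ns *target, int cap)
{
    const struct user_ns *ns = target;
    (void)cap;                       /* capability set is all-or-nothing in this model */
    for (;;) {
        if (ns == c->user_ns)
            return c->caps;
        if (ns_level(ns) <= ns_level(c->user_ns))
            return false;            /* @target is not below the task's namespace */
        if (ns->parent == c->user_ns && ns->owner == c->euid)
            return true;             /* task created this child namespace */
        ns = ns->parent;
    }
}

/* The check ext4 used: always against the initial namespace. */
static bool model_capable(const struct cred *c, int cap)
{
    return model_ns_capable(c, &init_ns, cap);
}

/* Proposed replacement: against the task's own namespace. */
static bool model_current_ns_capable(const struct cred *c, int cap)
{
    return model_ns_capable(c, c->user_ns, cap);
}

/* inode_capable(): capability in the task's namespace plus a mapping for the owner uid. */
static bool model_inode_capable(const struct cred *c, const struct inode *ino, int cap)
{
    return model_ns_capable(c, c->user_ns, cap) && kuid_has_mapping(c->user_ns, ino->i_uid);
}

/* Check against the namespace that owns the filesystem. */
static bool model_fs_owner_capable(const struct cred *c, const struct inode *ino, int cap)
{
    return model_ns_capable(c, ino->s_user_ns, cap);
}

/* Constructed fixture: uid 1000 did unshare(CLONE_NEWUSER) and wrote "0 1000 1"
 * to /proc/self/uid_map, so it is "root" with a full capability set in child_ns. */
static struct user_ns child_ns = { &init_ns, 1000, 1000, 1000 };
static const struct cred unpriv_in_child = { 1000, &child_ns, true };
static const struct cred real_root       = { 0, &init_ns, true };
static const struct inode own_file       = { 1000, &init_ns };  /* uid 1000's file on a host-mounted fs */
static const struct inode root_file      = { 0, &init_ns };     /* host root's file on the same fs */
static const struct inode container_file = { 1000, &child_ns }; /* file on a fs owned by child_ns */

/* Bit i is set when check i passes, so a whole row of the table can be asserted at once. */
unsigned int check_table(const struct cred *c)
{
    unsigned int r = 0;
    r |= model_capable(c, CAP_LINUX_IMMUTABLE) << 0;
    r |= model_current_ns_capable(c, CAP_LINUX_IMMUTABLE) << 1;
    r |= model_inode_capable(c, &own_file, CAP_LINUX_IMMUTABLE) << 2;
    r |= model_inode_capable(c, &root_file, CAP_LINUX_IMMUTABLE) << 3;
    r |= model_fs_owner_capable(c, &own_file, CAP_LINUX_IMMUTABLE) << 4;
    r |= model_fs_owner_capable(c, &container_file, CAP_LINUX_IMMUTABLE) << 5;
    return r;
}

int main(void)
{
    static const char *names[] = { "capable(init_ns)", "ns_capable(current_ns)",
        "inode_capable(own file)", "inode_capable(root's file)",
        "ns_capable(fs owner ns, host fs)", "ns_capable(fs owner ns, container fs)" };
    const struct cred *who[] = { &unpriv_in_child, &real_root };
    const char *label[] = { "uid 1000 as root in a child userns", "real root in init ns" };
    for (int w = 0; w < 2; w++) {
        unsigned int r = check_table(who[w]);
        printf("%s:\n", label[w]);
        for (int i = 0; i < 6; i++)
            printf("  %-40s %s\n", names[i], ((r >> i) & 1) ? "allowed" : "EPERM");
    }
    return 0;
}
```

For the unprivileged user the first row reproduces the EPERM from the bug report, the second row shows the proposed ns_capable(current_cred()->user_ns, ...) passing for anyone who can create a user namespace, the third row is Andy's inode_capable observation, and only the last row passes when the filesystem itself is owned by the child namespace; real root passes every row.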