On Fri, Nov 10, 2017 at 1:30 PM, Serge E. Hallyn wrote:
> Quoting Mahesh Bandewar (महेश बंडेवार) (mahe...@google.com):
> ...
>> >>
>> >> ==
>> >>
>> >> +controlled_userns_caps_whitelist
>> >> +
>> >> +Capability mask that is whitelisted
Quoting Mahesh Bandewar (महेश बंडेवार) (mahe...@google.com):
...
> >>
> >> ==
> >>
> >> +controlled_userns_caps_whitelist
> >> +
> >> +Capability mask that is whitelisted for "controlled" user namespaces.
> >> +Any capability that is miss
On Fri, Nov 10, 2017 at 2:30 AM, Serge E. Hallyn wrote:
> Quoting Mahesh Bandewar (mah...@bandewar.net):
>> From: Mahesh Bandewar
>>
>> Add a sysctl variable kernel.controlled_userns_caps_whitelist. This
>
> I understand the arguments in favor of whitelists in most cases for
> security purposes.
On Fri, Nov 10, 2017 at 2:22 AM, Serge E. Hallyn wrote:
> Quoting Mahesh Bandewar (mah...@bandewar.net):
>> From: Mahesh Bandewar
>>
>> Add a sysctl variable kernel.controlled_userns_caps_whitelist. This
>> takes input as a capability mask expressed as two comma-separated hex
>> u32 words. The mask
Quoting Mahesh Bandewar (mah...@bandewar.net):
> From: Mahesh Bandewar
>
> Add a sysctl variable kernel.controlled_userns_caps_whitelist. This
I understand the arguments in favor of whitelists in most cases for
security purposes. But given that you've said the goal here is to
prevent use of a c
Quoting Mahesh Bandewar (mah...@bandewar.net):
> From: Mahesh Bandewar
>
> Add a sysctl variable kernel.controlled_userns_caps_whitelist. This
> takes input as a capability mask expressed as two comma-separated hex
> u32 words. The mask, however, is stored in the kernel as kernel_cap_t type.
>
> Any c
From: Mahesh Bandewar
Add a sysctl variable kernel.controlled_userns_caps_whitelist. This
takes input as a capability mask expressed as two comma-separated hex
u32 words. The mask, however, is stored in the kernel as kernel_cap_t type.
Any capabilities that are not part of this mask will be controlled