| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 29 May 2018 17:40:50 +0200
From: Dongsu Park <dongsu@...volk.io>
To: "Eric W. Biederman" <ebiederm@...ssion.com>
Cc: Linux Containers <containers@...ts.linux-foundation.org>,
linux-fsdevel@...r.kernel.org,
Seth Forshee <seth.forshee@...onical.com>,
LKML <linux-kernel@...r.kernel.org>,
Christian Brauner <christian@...uner.io>
Subject: Re: [REVIEW][PATCH 0/6] Wrapping up the vfs support for unprivileged mounts
Hi,
On Thu, May 24, 2018 at 1:22 AM, Eric W. Biederman
<ebiederm@...ssion.com> wrote:
>
> Very slowly the work has been progressing to ensure the vfs has the
> necessary support for mounting filesystems without privilege.
>
> This patchset contains one more core piece of that work, ensuring a few
> more operations that would write back an inode and confuse an exisiting
> filesystem are denied.
>
> The rest of the changes actually enable userns root to do things with
> filesystems that the userns root has mounted. Most of these have been
> waiting in the wings a long time, held back because I wanted the core
> of the patchset to be solid before I started allowing additional
> behavor.
>
> It is definitely time for these changes so the effect of s_user_ns
> becomes less theoretical.
>
> The change to allow mknod is new, but consistent with everything else
> and harmless as device nodes on filesystems mounted without privilege
> are ignored.
>
> Unless problems show up in the during review I plan to merge these changes.
Thank you for the great work. I have been looking forward to seeing it.
I have just gathered available relevant patches in my branch:
https://github.com/kinvolk/linux/tree/dongsu/fuse-userns-for-4.18
With this branch, I tested sshfs/fuse from non-init user namespace.
It works fine as expected. So you can add:
Tested-by: Dongsu Park <dongsu@...volk.io>
Thanks!
Dongsu
> These changes are also available at:
> git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace.git userns-test
>
> Eric W. Biederman (5):
> vfs: Don't allow changing the link count of an inode with an invalid uid or gid
> vfs: Allow userns root to call mknod on owned filesystems.
> fs: Allow superblock owner to replace invalid owners of inodes
> fs: Allow superblock owner to access do_remount_sb()
> capabilities: Allow privileged user in s_user_ns to set security.* xattrs
>
> Seth Forshee (1):
> fs: Allow CAP_SYS_ADMIN in s_user_ns to freeze and thaw filesystems
>
> fs/attr.c | 36 ++++++++++++++++++++++++++++--------
> fs/ioctl.c | 4 ++--
> fs/namei.c | 16 ++++++++++++----
> fs/namespace.c | 4 ++--
> security/commoncap.c | 8 ++++++--
> 5 files changed, 50 insertions(+), 18 deletions(-)
>
> Eric
> _______________________________________________
> Containers mailing list
> Containers@...ts.linux-foundation.org
> https://lists.linuxfoundation.org/mailman/listinfo/containers
Powered by blists - more mailing lists