| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20120328075549.GA2204@moon> Date: Wed, 28 Mar 2012 11:55:49 +0400 From: Cyrill Gorcunov <gorcunov@...nvz.org> To: "Eric W. Biederman" <ebiederm@...ssion.com> Cc: "Serge E. Hallyn" <serge@...lyn.com>, Oleg Nesterov <oleg@...hat.com>, LKML <linux-kernel@...r.kernel.org>, Andrew Morton <akpm@...ux-foundation.org>, Pavel Emelyanov <xemul@...allels.com>, "Serge E. Hallyn" <serge.hallyn@...onical.com> Subject: Re: [rfc] fcntl: Add F_GETOWNER_UIDS option On Wed, Mar 28, 2012 at 12:51:02AM -0700, Eric W. Biederman wrote: > > And we could require for a while that F_GETOWNER_UIDS should be called > > from initial user namespace only. Then we could extend it for being > > called from any user-namespace if such need appear. Or I miss > > something? > > Yes. All that is needed in the short term to do this is a Kconfig > dependency that limits it a kernel with user namespace support not > built in something like: "depends !USER_NS" > > Or a check like: > if (current_user_ns() != init_user_ns) > return -EINVAL; > > Basically the mapping would ultimately become: > uid = from_kuid(current_user_ns(), fown->uid); > euid = from_kuid(current_user_ns(), fown->euid); > > The different types allow a compile error if you forget the translation. OK, thanks for the hint! Cyrill -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists