lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 14 Dec 2012 14:32:12 -0800 From: ebiederm@...ssion.com (Eric W. Biederman) To: "Serge E. Hallyn" <serge@...lyn.com> Cc: Linus Torvalds <torvalds@...ux-foundation.org>, containers@...ts.linux-foundation.org, Linux Kernel Mailing List <linux-kernel@...r.kernel.org>, Andy Lutomirski <luto@...capital.net>, linux-security-module@...r.kernel.org Subject: Re: [RFC][PATCH] Fix cap_capable to only allow owners in the parent user namespace to have caps. "Serge E. Hallyn" <serge@...lyn.com> writes: > Quoting Eric W. Biederman (ebiederm@...ssion.com): >> A child user namespace having capabilities against processes in it's >> parent seems totally bizarre and pretty dangerous from a capabilities >> standpoint. > > How would it have them against its parent? init_user_ns userns a --- created by kuid 1 userns b -- created by kuid 2 process c in userns b with kuid 1 Serge read the first permisison check in common_cap. Think what happens in the above example. For the rest I understand your concern. Serge please read and look at the patches I have posted to fix the issues Andy found with the user namespace tree. Especially the fix to commit_creds. After you have looked at the patches to fix the issues I will be happy to discuss things further with you. Eric -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists