lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Wed, 22 May 2013 15:23:39 -0400
From:	"J. Bruce Fields" <bfields@...ldses.org>
To:	"Eric W. Biederman" <ebiederm@...ssion.com>
Cc:	Stanislav Kinsbursky <skinsbursky@...allels.com>,
	viro@...iv.linux.org.uk, serge.hallyn@...onical.com,
	jlayton@...hat.com, lucas.demarchi@...fusion.mobi,
	rusty@...tcorp.com.au, linux-kernel@...r.kernel.org,
	oleg@...hat.com, bharrosh@...asas.com,
	linux-fsdevel@...r.kernel.org, akpm@...ux-foundation.org,
	devel@...nvz.org
Subject: Re: [RFC PATCH] fs: call_usermodehelper_root helper introduced

On Wed, May 22, 2013 at 11:35:56AM -0700, Eric W. Biederman wrote:
> ebiederm@...ssion.com (Eric W. Biederman) writes:
> 
> > I am missing a lot of context here and capturing the context of a
> > process at time time we mount the filesystem and reconstituing it in
> > call user mode helper seems like something we could do.

So it's not enough just to ensure that the user namespace is set
correctly?  (To the namespace of the mount process in the nfs case, or
of the process that starts nfsd in the nfsd case.)

> If we want to do something like this the only sane thing I can see is to
> have a per container version of kthread call it uthread.  That the user
> mode helper code would use to launch a new process.
> 
> Anything else and I expect we will be tearing our hair out for the rest
> of our lives with weird corner cases or unexpected semantics.

Could you give examples of weird corner cases or unexpected semantics?

--b.

> At first glace I would exepct uthread to be per pid namespace in
> implementation.
> 
> Eric
> 
> 
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists