lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <871to8n6nj.fsf@x220.int.ebiederm.org>
Date:	Tue, 09 Dec 2014 10:13:04 -0600
From:	ebiederm@...ssion.com (Eric W. Biederman)
To:	Lukasz Pawelczyk <l.pawelczyk@...sung.com>
Cc:	Vladimir Davydov <vdavydov@...allels.com>,
	Miklos Szeredi <mszeredi@...e.cz>,
	Lukasz Pawelczyk <havner@...il.com>,
	Oleg Nesterov <oleg@...hat.com>,
	David Howells <dhowells@...hat.com>,
	Mark Rustad <mark.d.rustad@...el.com>,
	Juri Lelli <juri.lelli@...il.com>,
	Richard Weinberger <richard@....at>,
	Daeseok Youn <daeseok.youn@...il.com>,
	Ingo Molnar <mingo@...hat.com>,
	Jeff Kirsher <jeffrey.t.kirsher@...el.com>,
	David Rientjes <rientjes@...gle.com>,
	Alex Thorlton <athorlton@....com>,
	Matthew Dempsky <mdempsky@...omium.org>,
	Kees Cook <keescook@...omium.org>,
	Nikolay Aleksandrov <nikolay@...hat.com>,
	Dario Faggioli <raistlin@...ux.it>,
	Al Viro <viro@...iv.linux.org.uk>,
	James Morris <james.l.morris@...cle.com>,
	"open list\:ABI\/API" <linux-api@...r.kernel.org>,
	Linux Containers <containers@...ts.linux-foundation.org>,
	LKML <linux-kernel@...r.kernel.org>,
	Paul Moore <pmoore@...hat.com>,
	linux-security-module@...r.kernel.org,
	Casey Schaufler <casey@...aufler-ca.com>,
	Andrew Morton <akpm@...ux-foundation.org>
Subject: Re: [RFC] lsm: namespace hooks

Lukasz Pawelczyk <l.pawelczyk@...sung.com> writes:

> On czw, 2014-11-27 at 18:38 +0100, Lukasz Pawelczyk wrote:
>> Right now the major issue I see is that LSM by itself is not defined how
>> it's going to behave. It's up to a specific LSM module.
>> 
>> E.g. within the Smack namespace filling the map is a privileged
>> operation. So by tying them up you cripple the ability to create a fully
>> working user namespace as an unprivileged process.
>
> Entertaining the idea that LSM namespace would be tied to user namespace
> (as you suggested) how do you see the limitation I described above?

If they are tied it means you wind up in a situation where there are no
labels you can set.

In general setting the uid and gid maps is also a privileged operations.

I really don't know what makes sense to do with lsms and namespaces
generically, but I do know that your lsm namespace patche were awkwards
and weird and seemed to be taking things in the wrong direction.

Eric
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ