Message-ID: <CALCETrUJFgOHE5S2Drg1TiXjJFCNC2CKWerSEj_wk9Rrdv1JFg@mail.gmail.com>
Date: Fri, 29 Apr 2016 09:22:24 -0700
From: Andy Lutomirski <luto@...capital.net>
To: Andy Lutomirski <luto@...nel.org>
Cc: Linux FS Devel <linux-fsdevel@...r.kernel.org>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
"Eric W. Biederman" <ebiederm@...ssion.com>,
gnome-os-list@...me.org,
James Bottomley <James.Bottomley@...senpartnership.com>,
Serge Hallyn <serge.hallyn@...ntu.com>,
Alexander Larsson <alexl@...hat.com>, mclasen@...hat.com,
Linux Containers <containers@...ts.linux-foundation.org>
Subject: Re: [PATCH v2] devpts: Make ptmx be owned by the userns owner as a fallback

On Tue, Mar 15, 2016 at 1:05 PM, Andy Lutomirski <luto@...nel.org> wrote:
> New devpts instances have ptmx owned by the inner uid and gid 0.
>
> For container-style namespaces (LXC, etc), this should have no
> effect, this is fine.
>
> For sandbox-style namespaces (xdg-app and similar), this is
> problematic -- there may not be an inner 0:0. If that happens,
> devpts mounts will fail.
>
> Fix it by adding a fallback: if 0:0 is not mapped but the userns
> owner and group are mapped, then ptmx will be owned by the namespace
> owner.
>
> This won't change behavior except in cases where mount would
> currently return -EINVAL.

Eric, this patch is straightforward, fixes a real problem, and is
mostly orthogonal to the devpts stuff you're working on. Could you
apply it for 4.7?

--Andy
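
Added example, not part of the message or of the patch: a userspace C model of the ownership decision the quoted commit message describes, returning the owner as ids outside the namespace. The `struct userns` layout, the single-extent maps and the helper names are assumptions for illustration, as is treating "0:0 is not mapped" as either id being unmapped.

```c
#include <errno.h>
#include <stdint.h>

#define INVALID_ID UINT32_MAX

/* One uid_map/gid_map extent: inner ids [inner, inner+count) map to outer+offset. */
struct extent { uint32_t inner, outer, count; };

/* Hypothetical model of a user namespace: one extent per map plus the creator's outer ids. */
struct userns {
    struct extent uid_map, gid_map;
    uint32_t owner_uid, owner_gid;
};

/* Inner id -> outer id, or INVALID_ID when the inner id is not mapped. */
static uint32_t to_outer(struct extent m, uint32_t inner)
{
    if (inner >= m.inner && inner - m.inner < m.count)
        return m.outer + (inner - m.inner);
    return INVALID_ID;
}

/* True when an outer id has some inner id in the namespace. */
static int has_mapping(struct extent m, uint32_t outer)
{
    return outer >= m.outer && outer - m.outer < m.count;
}

/* Pick the ptmx owner as outer ids; 0 on success, -EINVAL when nothing fits. */
static int ptmx_owner(const struct userns *ns, uint32_t *uid, uint32_t *gid)
{
    *uid = to_outer(ns->uid_map, 0);
    *gid = to_outer(ns->gid_map, 0);
    if (*uid != INVALID_ID && *gid != INVALID_ID)
        return 0;                   /* inner 0:0 exists: behaviour unchanged */
    if (!has_mapping(ns->uid_map, ns->owner_uid) ||
        !has_mapping(ns->gid_map, ns->owner_gid))
        return -EINVAL;             /* neither 0:0 nor the owner is mapped */
    *uid = ns->owner_uid;           /* fallback: the namespace owner */
    *gid = ns->owner_gid;
    return 0;
}

int main(void)
{
    /* Constructed sandbox-style map: only 1000:1000 is mapped, no inner 0:0. */
    struct userns sandbox = { {1000, 1000, 1}, {1000, 1000, 1}, 1000, 1000 };
    uint32_t uid, gid;
    return ptmx_owner(&sandbox, &uid, &gid) == 0 && uid == 1000 ? 0 : 1;
}
```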