| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 22 Dec 2016 20:23:49 +1300
From: ebiederm@...ssion.com (Eric W. Biederman)
To: Andrei Vagin <avagin@...tuozzo.com>
Cc: "Michael Kerrisk \(man-pages\)" <mtk.manpages@...il.com>,
"Serge E. Hallyn" <serge@...lyn.com>, <linux-api@...r.kernel.org>,
<linux-kernel@...r.kernel.org>, <linux-fsdevel@...r.kernel.org>,
Andrey Vagin <avagin@...nvz.org>,
James Bottomley <James.Bottomley@...senpartnership.com>,
"W. Trevor King" <wking@...mily.us>,
Alexander Viro <viro@...iv.linux.org.uk>,
Jonathan Corbet <corbet@....net>
Subject: Re: [PATCH 2/2] nsfs: Add an ioctl() to return creator UID of a userns
Andrei Vagin <avagin@...tuozzo.com> writes:
> On Mon, Dec 19, 2016 at 03:38:35PM +0100, Michael Kerrisk (man-pages) wrote:
>> @@ -174,6 +175,11 @@ static long ns_ioctl(struct file *filp, unsigned int ioctl,
>> return open_related_ns(ns, ns->ops->get_parent);
>> case NS_GET_NSTYPE:
>> return ns->ops->type;
>> + case NS_GET_CREATOR_UID:
>> + if (ns->ops->type != CLONE_NEWUSER)
>> + return -EINVAL;
>> + user_ns = container_of(ns, struct user_namespace, ns);
>> + return from_kuid_munged(current_user_ns(), user_ns->owner);
>
> uid_t is "unsigned int", ioctl() returns long, so it may be hard to
> distinguish user id-s from errors on x32.
Very good point.
> off-topic: What is about user_ns->group? I can't find where it is
> used...
Over design. I put it in because I thought it might be useful. It turns
out it never was used so we can clean things up and remove it. The
group has never been exposed to userspace so no one will care.
Eric
Powered by blists - more mailing lists