| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 22 Mar 2018 11:18:57 -0400 (EDT)
From: David Miller <davem@...emloft.net>
To: christian.brauner@...ntu.com
Cc: ebiederm@...ssion.com, gregkh@...uxfoundation.org,
netdev@...r.kernel.org, linux-kernel@...r.kernel.org,
serge@...lyn.com, avagin@...tuozzo.com, ktkhai@...tuozzo.com
Subject: Re: [PATCH net-next 2/2 v4] netns: send uevent messages
From: Christian Brauner <christian.brauner@...ntu.com>
Date: Mon, 19 Mar 2018 13:17:31 +0100
> This patch adds a receive method to NETLINK_KOBJECT_UEVENT netlink sockets
> to allow sending uevent messages into the network namespace the socket
> belongs to.
>
> Currently non-initial network namespaces are already isolated and don't
> receive uevents. There are a number of cases where it is beneficial for a
> sufficiently privileged userspace process to send a uevent into a network
> namespace.
>
> One such use case would be debugging and fuzzing of a piece of software
> which listens and reacts to uevents. By running a copy of that software
> inside a network namespace, specific uevents could then be presented to it.
> More concretely, this would allow for easy testing of udevd/ueventd.
>
> This will also allow some piece of software to run components inside a
> separate network namespace and then effectively filter what that software
> can receive. Some examples of software that do directly listen to uevents
> and that we have in the past attempted to run inside a network namespace
> are rbd (CEPH client) or the X server.
...
> Signed-off-by: Christian Brauner <christian.brauner@...ntu.com>
Applied.
Powered by blists - more mailing lists