lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <87zi0io90k.fsf@xmission.com>
Date:   Tue, 29 May 2018 09:02:03 -0500
From:   ebiederm@...ssion.com (Eric W. Biederman)
To:     Miklos Szeredi <mszeredi@...hat.com>
Cc:     Miklos Szeredi <miklos@...redi.hu>,
        lkml <linux-kernel@...r.kernel.org>,
        Linux Containers <containers@...ts.linux-foundation.org>,
        linux-fsdevel <linux-fsdevel@...r.kernel.org>,
        Alban Crequy <alban@...volk.io>,
        Seth Forshee <seth.forshee@...onical.com>,
        Sargun Dhillon <sargun@...gun.me>,
        Dongsu Park <dongsu@...volk.io>,
        "Serge E. Hallyn" <serge@...lyn.com>
Subject: Re: [PATCH] fuse: Ensure posix acls are translated outside of init_user_ns

Miklos Szeredi <mszeredi@...hat.com> writes:

> On Tue, May 29, 2018 at 2:42 PM, Eric W. Biederman
> <ebiederm@...ssion.com> wrote:
>> ebiederm@...ssion.com (Eric W. Biederman) writes:
>>
>>> ebiederm@...ssion.com (Eric W. Biederman) writes:
>>>
>>>> Ensure the translation happens by failing to read or write
>>>> posix acls when the filesystem has not indicated it supports
>>>> posix acls.
>>>>
>>>> This ensures that modern cached posix acl support is available
>>>> and used when dealing with posix acls.  This is important
>>>> because only that path has the code to convernt the uids and
>>>> gids in posix acls into the user namespace of a fuse filesystem.
>>>>
>>>> Signed-off-by: "Eric W. Biederman" <ebiederm@...ssion.com>
>>>> ---
>>>
>>> ping.
>>>
>>> Miklos are you around where you can look at this?
>>
>> Perhaps I got the wrong email address.
>
>
> No, sorry.  I'll queue this up for 4.18.
>
> Just wanted to finish off overlayfs stuff before getting into fuse.

After reading your overlayfs pull it looks like those were some tricky
issues you were dealing with so it makes complete sense.

Then I am going to send you the enablement patch as I think the initial
round of work is done and you can apply them when you are ready.

Eric

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ