| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <ZU+xkpH09xjzO5IS@swarup-virtual-machine>
Date: Sat, 11 Nov 2023 22:23:38 +0530
From: swarup <swarupkotikalapudi@...il.com>
To: Shuah Khan <skhan@...uxfoundation.org>
Cc: shuah@...nel.org, linux-kselftest@...r.kernel.org,
linux-kernel@...r.kernel.org,
linux-kernel-mentees@...ts.linuxfoundation.org
Subject: Re: [PATCH] selftests: capabilities: namespace create varies for
root and normal user
On Tue, Nov 07, 2023 at 02:23:34PM -0700, Shuah Khan wrote:
> On 9/29/23 06:53, Swarup Laxman Kotiaklapudi wrote:
> > Change namespace creation for root and non-root
> > user differently in create_and_enter_ns() function
> >
>
> Sorry for the delay on reviewing this.
>
> Can you tell me more about why this change is needed and
> include it in the change log.
>
> thanks,
> -- Shuah
Hi Shuah,
This patchset was raised to fix below TODO:
"If we're already root, we could skip creating the userns."
Without this patchset, function create_and_enter_ns(),
at this path --> tools/testing/selftests/capabilities/test_execve.c
was as mentioned below:
static bool create_and_enter_ns(uid_t inner_uid)
{
....
if (unshare(CLONE_NEWNS) == 0) {
....
} else if (unshare(CLONE_NEWUSER | CLONE_NEWNS) == 0) {
....
} else {
ksft_exit_skip("must be root or be able to create a userns\n");
}
...
}
To fix the TODO, above mentioned if block is executed if root user,
for normal user it enters inside 'else if' block.
Thanks,
Swarup
Powered by blists - more mailing lists