Re: [PATCH 2/2] user namespaces: require cap_set{ug}id for CLONE_NEWUSER

From: Eric W. Biederman
Date: Fri Dec 05 2008 - 11:26:39 EST


"Serge E. Hallyn" <serue@xxxxxxxxxx> writes:

> While ideally CLONE_NEWUSER will eventually require no
> privilege, the required permission checks are currently
> not there. As a result, CLONE_NEWUSER has the same effect
> as a setuid(0)+setgroups(1,"0"). While we already require
> CAP_SYS_ADMIN, requiring CAP_SETUID and CAP_SETGID seems
> appropriate.

This looks reasonable. For the short term we will need a greater
set of caps to be able to do all of the interesting things.

Personally, the user namespace only becomes interesting when we
start to be able to move in the other direction and remove the
set of capabilities required to create it.

Eric
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
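As an added illustration (not code from the patch or from this thread), the following C program expresses the check the patch describes, all of CAP_SYS_ADMIN, CAP_SETUID and CAP_SETGID required for CLONE_NEWUSER, as a test on a process's effective capability mask read from /proc/self/status; it assumes Linux and the capability numbers defined in <linux/capability.h>.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Capability numbers as defined in <linux/capability.h>. */
#define CAP_SETGID     6
#define CAP_SETUID     7
#define CAP_SYS_ADMIN 21

/* Extract the "CapEff:" hex mask from /proc/<pid>/status text.
 * Returns 0 when the line is absent. */
uint64_t parse_cap_eff(const char *status_text)
{
    const char *p = strstr(status_text, "CapEff:");
    return p ? strtoull(p + strlen("CapEff:"), NULL, 16) : 0;
}

/* The patch's rule on an effective-capability mask: CLONE_NEWUSER
 * needs CAP_SYS_ADMIN, CAP_SETUID and CAP_SETGID all at once. */
int may_clone_newuser(uint64_t cap_eff)
{
    const uint64_t need = (1ULL << CAP_SYS_ADMIN) | (1ULL << CAP_SETUID) |
                          (1ULL << CAP_SETGID);
    return (cap_eff & need) == need;
}

/* Read this process's live effective mask (0 if /proc is unavailable). */
uint64_t read_self_cap_eff(void)
{
    char buf[4096];
    FILE *f = fopen("/proc/self/status", "r");
    if (!f)
        return 0;
    size_t n = fread(buf, 1, sizeof buf - 1, f);
    fclose(f);
    buf[n] = '\0';
    return parse_cap_eff(buf);
}

int main(void)
{
    uint64_t eff = read_self_cap_eff();
    printf("CapEff=%016llx -> passes the patch's check: %s\n",
           (unsigned long long)eff, may_clone_newuser(eff) ? "yes" : "no");
    return 0;
}
```

Run as an unprivileged user the check reports "no"; with the full bounding set (for example as root) it reports "yes", matching the behaviour the patch enforces on a 2008 kernel.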