[PATCH 0/4] user namespace fixes

[Eric W. Biederman]

These are fixes from Andys review of my user namespace tree.

The first two patches are critical must fix fixes.

The third patch fixing commit_creds is a nice to have but fixing it
would be good.

Andy, Serge  if you could give these patches a once over to make certain
I am not doing something stupid.

Thank you,
Eric

---

Eric W. Biederman (4):
      Fix cap_capable to only allow owners in the parent user namespace to have caps.
      userns:  Require CAP_SYS_ADMIN for most uses of setns.
      userns: Add a more complete capability subset test to commit_creds
      userns: Fix typo in description of the limitation of userns_install

 fs/namespace.c           |    3 ++-
 ipc/namespace.c          |    3 ++-
 kernel/cred.c            |   26 +++++++++++++++++++++++++-
 kernel/pid_namespace.c   |    3 ++-
 kernel/user_namespace.c  |    2 +-
 kernel/utsname.c         |    3 ++-
 net/core/net_namespace.c |    3 ++-
 security/commoncap.c     |   25 +++++++++++++++++--------
 8 files changed, 53 insertions(+), 15 deletions(-)

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/