Re: [PATCH] userns/capability: Add user namespace capability

From: Yves-Alexis Perez
Date: Mon Oct 19 2015 - 08:36:41 EST


On dim., 2015-10-18 at 20:41 -0500, Serge E. Hallyn wrote:
> We shouldn't need a long-term solution. Your concern is bugs. After
> some time surely we'll feel that we have achieved a stable solution?

But this is actually the whole point: we need a long term solution, because
they will always be bug, whether in user namespaces or in others parts exposed
by user namespaces. It's fine to fix them when we find them, but that still
means they're exploitable even before we know about them. We still find bugs
in code written years ago, it's quite certain there are bugs in current code.

User namespaces are a way to expose more interfaces to unprivileged users,
interfaces which weren't designed to be exposed like that. In a way that's the
opposite of seccomp. That doesn't make it bad, obviously, but that still means
having a way to control it finely could be helpful.

Regards,
--

Yves-Alexis

Attachment: signature.asc
Description: This is a digitally signed message part