Re: [PATCH v2 00/10] userns: sysctl limits for namespaces

From: Michael Kerrisk (man-pages)
Date: Tue Jul 26 2016 - 06:28:16 EST

Next message: Michael Kerrisk (man-pages): "Re: [PATCH v2 00/10] userns: sysctl limits for namespaces"
Previous message: Kent Overstreet: "Re: bcache super block corruption with non 4k pages"
Next in thread: Eric W. Biederman: "Re: [PATCH v2 00/10] userns: sysctl limits for namespaces"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hello Eric,

On 07/21/2016 06:39 PM, Eric W. Biederman wrote:

This patchset addresses two use cases:
- Implement a sane upper bound on the number of namespaces.
- Provide a way for sandboxes to limit the attack surface from
namespaces.

The maximum sane case I can imagine is if every process is a fat
process, so I set the maximum number of namespaces to the maximum
number of threads.

I make these limits recursive and per user namespace so that a
usernamespace root can reduce the limits further. If a user namespace
root raises the limit the limit in the parent namespace will be honored.

I have cut this implementation to the bare minimum needed to achieve
these objectives.

Does anyone know if there is a proper error code to return for resource
limit exceeded? I am currently using -EUSERS or -ENFILE but both of
those feel a little wrong.

ENFILE certainly seems weird. I suppose my first question is: why two
different errors?

Some alternatives you might want to consider: E2BIG, EOVERFLOW,
or (maybe) ERANGE.

Cheers,

Michael

Next message: Michael Kerrisk (man-pages): "Re: [PATCH v2 00/10] userns: sysctl limits for namespaces"
Previous message: Kent Overstreet: "Re: bcache super block corruption with non 4k pages"
Next in thread: Eric W. Biederman: "Re: [PATCH v2 00/10] userns: sysctl limits for namespaces"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]