Re: [PATCH 04/11] fs: Don't remove suid for CAP_FSETID for userns root
From: Miklos Szeredi
Date: Tue Feb 13 2018 - 08:37:19 EST
On Sat, Dec 23, 2017 at 1:38 PM, Dongsu Park <dongsu@xxxxxxxxxx> wrote:
> Hi,
>
> On Sat, Dec 23, 2017 at 4:26 AM, Serge E. Hallyn <serge@xxxxxxxxxx> wrote:
>> On Fri, Dec 22, 2017 at 03:32:28PM +0100, Dongsu Park wrote:
>>> From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
>>>
>>> Expand the check in should_remove_suid() to keep privileges for
>>
>> I realize this description came from Seth, but reading it now,
>> 'Expand' seems wrong. Expanding a check brings to my mind making
>> it stricter, not looser. How about 'Relax the check' ?
>
> Makes sense. Will do.
>
>>> CAP_FSETID in s_user_ns rather than init_user_ns.
>>>
>>> Patch v4 is available: https://patchwork.kernel.org/patch/8944621/
>>>
>>> --EWB Changed from ns_capable(sb->s_user_ns, ) to capable_wrt_inode_uidgid
>>
>> Why exactly?
>>
>> This is wrong, because capable_wrt_inode_uidgid() does a check
>> against current_user_ns, not the inode->i_sb->s_user_ns
I'm thoroughly confused. s_user_ns is supposed to be about the
usernamespace the filesystem perceives to be in, right? How does that
come into play when checking permissions to do something?
Thanks,
Miklos