Re: [GIT PULL] LSM patches for v6.1
From: Linus Torvalds
Date: Tue Oct 04 2022 - 17:31:03 EST
On Tue, Oct 4, 2022 at 1:55 PM Linus Torvalds
> So this whole "don't do this" approach you have is not acceptable.
Side note: if we have a security hook for "create random file", then
the notion that creating a whole new namespace somehow must not have
any security hooks because it's *so* special is just ridiculous.
I also note that right now USER_NS is both "default n" and "if not
sure, say 'n'" in the Kconfig files, even though obviously that ship
has sailed long ago.
So originally it might have been a reasonable expectation to say "only
enable this if you're doing containers in servers", but that clearly
isn't the case any more. So we basically take USER_NS for granted, but
the fact that people might want chrome to use it for sandboxing does
*not* mean that randomly we want any CLONE_NEWNS to just be ok,
regardless of how trusted (or not) the case is.