Re: [PATCH v2 0/2] implement OA2_INHERIT_CRED flag for openat2()

[Stefan Metzmacher]

Am 23.04.24 um 12:48 schrieb Stas Sergeev:
> This patch-set implements the OA2_INHERIT_CRED flag for openat2() syscall.
> It is needed to perform an open operation with the creds that were in
> effect when the dir_fd was opened. This allows the process to pre-open
> some dirs and switch eUID (and other UIDs/GIDs) to the less-privileged
> user, while still retaining the possibility to open/create files within
> the pre-opened directory set.
>
> Changes in v2:
> - capture full struct cred instead of just fsuid/fsgid.
>    Suggested by Stefan Metzmacher <metze@xxxxxxxxx>
>
> CC: Stefan Metzmacher <metze@xxxxxxxxx>
> CC: Eric Biederman <ebiederm@xxxxxxxxxxxx>
> CC: Alexander Viro <viro@xxxxxxxxxxxxxxxxxx>
> CC: Andy Lutomirski <luto@xxxxxxxxxx>
> CC: Christian Brauner <brauner@xxxxxxxxxx>
> CC: Jan Kara <jack@xxxxxxx>
> CC: Jeff Layton <jlayton@xxxxxxxxxx>
> CC: Chuck Lever <chuck.lever@xxxxxxxxxx>
> CC: Alexander Aring <alex.aring@xxxxxxxxx>
> CC: linux-fsdevel@xxxxxxxxxxxxxxx
> CC: linux-kernel@xxxxxxxxxxxxxxx

I guess this is something that should cc linux-api@xxxxxxxxxxxxxxx ...

metze