Re: [PATCH v2 0/2] implement OA2_INHERIT_CRED flag for openat2()

From: stsp
Date: Tue Apr 23 2024 - 18:53:07 EST


23.04.2024 19:44, Andy Lutomirski пишет:
Also, there are lots of ways that f_cred could be relevant: fsuid/fsgid, effective capabilities and security labels. And it gets more complex if this ever gets extended to support connecting or sending to a socket or if someone opens a device node. Does CAP_SYS_ADMIN carry over?
I posted a v3 where I only override
fsuid, fsgid and group_info.
Capabilities and whatever else are
not overridden to avoid security risks.
Does this address your concern?

Note that I think your other concerns
are already addressed, I just added a
bit more of a description now.