Re: [PATCH v6 0/3] implement OA2_CRED_INHERIT flag for openat2()

From: Jann Horn
Date: Tue May 21 2024 - 15:01:54 EST

Next message: Krzysztof Kozlowski: "Re: [PATCH 1/5] dt-bindings: trivial-devices: Drop adi,adp5585 and adi,adp5585-02"
Previous message: Dmitry Baryshkov: "Re: [PATCH RFC v3 0/9] dt-bindings: hwinfo: Introduce board-id"
Next in thread: stsp: "Re: [PATCH v6 0/3] implement OA2_CRED_INHERIT flag for openat2()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sat, Apr 27, 2024 at 1:24 PM Stas Sergeev <stsp2@xxxxxxxxx> wrote:
> This patch-set implements the OA2_CRED_INHERIT flag for openat2() syscall.
> It is needed to perform an open operation with the creds that were in
> effect when the dir_fd was opened, if the dir was opened with O_CRED_ALLOW
> flag. This allows the process to pre-open some dirs and switch eUID
> (and other UIDs/GIDs) to the less-privileged user, while still retaining
> the possibility to open/create files within the pre-opened directory set.

As Andy Lutomirski mentioned before, Linux already has Landlock
(https://docs.kernel.org/userspace-api/landlock.html) for unprivileged
filesystem sandboxing. What benefits does OA2_CRED_INHERIT have
compared to Landlock?

Next message: Krzysztof Kozlowski: "Re: [PATCH 1/5] dt-bindings: trivial-devices: Drop adi,adp5585 and adi,adp5585-02"
Previous message: Dmitry Baryshkov: "Re: [PATCH RFC v3 0/9] dt-bindings: hwinfo: Introduce board-id"
Next in thread: stsp: "Re: [PATCH v6 0/3] implement OA2_CRED_INHERIT flag for openat2()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]