[Devel] Re: [PATCH 1/1] RFC: taking a crack at targeted capabilities
Serge E. Hallyn
serue at us.ibm.com
Sun Feb 14 20:05:29 PST 2010
Quoting Eric W. Biederman (ebiederm at xmission.com):
> "Serge E. Hallyn" <serue at us.ibm.com> writes:
>
> > So i was thinking about how to safely but incrementally introduce
> > targeted capabilities - which we decided was a prereq to making VFS
> > handle user namespaces - and the following seemed doable. My main
> > motivations were (in order):
> >
> > 1. don't make any unconverted capable() checks unsafe
> > 2. minimize performance impact on non-container case
> > 3. minimize performance impact on containers
>
> My motivation is a bit different. I would like to get to the
> unprivileged creation of new namespaces. It looks like this gets us
> 90% of the way there, with only potential uid confusion issues left.
Just a pair of instances of uid comparison are now addressed in
http://git.kernel.org/gitweb.cgi?p=linux/kernel/git/sergeh/linux-cr.git;a=shortlog;h=refs/heads/feb13.userns.uid_equivs
which has your patch "taking a crack at targeted capabilities" at its
core. Talk about your baby steps... But I need to go back and re-read
what we'd discussed over the last few years about how we wanted to
tag superblocks/mounts->inodes before I go on.
Anyway now uid equivalence checks are ns-aware for basic vfs_permission
and task kill at least. It's a start.
-serge
_______________________________________________
Containers mailing list
Containers at lists.linux-foundation.org
https://lists.linux-foundation.org/mailman/listinfo/containers
More information about the Devel
mailing list