OpenVZ Forum: Devel » [PATCH 0/8] user namespace: Introduction

Home » Mailing lists » Devel » [PATCH 0/8] user namespace: Introduction

Show: Today's Messages :: Show Polls :: Message Navigator
E-mail to friend

[PATCH 4/8] user ns: hook permission [message #17091 is a reply to message #17087]

Tue, 19 December 2006 23:00

serue
Messages: 750
Registered: February 2006

Senior Member

From: Serge E. Hallyn <serue@us.ibm.com>
Subject: [PATCH 4/8] user ns: hook permission

Hook permission to check vfsmnt->user_ns against current.

Signed-off-by: Serge E. Hallyn <serue@us.ibm.com>
---
 fs/namei.c |    4 ++++
 1 files changed, 4 insertions(+), 0 deletions(-)

diff --git a/fs/namei.c b/fs/namei.c
index e4f108f..d6687af 100644
--- a/fs/namei.c
+++ b/fs/namei.c
@@ -246,6 +246,8 @@ int permission(struct inode *inode, int 
 			return -EACCES;
 	}
 
+	if (nd && !task_mnt_same_uidns(current, nd->mnt))
+		return -EACCES;
 
 	/*
 	 * MAY_EXEC on regular files requires special handling: We override
@@ -433,6 +435,8 @@ static int exec_permission_lite(struct i
 {
 	umode_t	mode = inode->i_mode;
 
+	if (!task_mnt_same_uidns(current, nd->mnt))
+		return -EACCES;
 	if (inode->i_op && inode->i_op->permission)
 		return -EAGAIN;
 
-- 
1.4.1

_______________________________________________
Containers mailing list
Containers@lists.osdl.org
https://lists.osdl.org/mailman/listinfo/containers

Report message to a moderator

[Message index]

		[PATCH 0/8] user namespace: Introduction By: serue on Tue, 19 December 2006 22:59
		[PATCH 1/8] nsproxy: externalizes exit_task_namespaces By: serue on Tue, 19 December 2006 22:59
		[PATCH 2/8] user ns: add the framework By: serue on Tue, 19 December 2006 23:00
		[PATCH 3/8] user ns: add user_namespace ptr to vfsmount By: serue on Tue, 19 December 2006 23:00
		[PATCH 4/8] user ns: hook permission By: serue on Tue, 19 December 2006 23:00
		Re: [PATCH 4/8] user ns: hook permission By: ebiederm on Wed, 24 January 2007 17:06
		Re: [PATCH 4/8] user ns: hook permission By: serue on Wed, 24 January 2007 19:06
		[PATCH 5/8] user ns: prepare copy_tree, copy_mnt, and their callers to handle errs By: serue on Tue, 19 December 2006 23:01
		[PATCH 6/8] user ns: implement shared mounts By: serue on Tue, 19 December 2006 23:01
		[PATCH 7/8] user ns: handle file sigio By: serue on Tue, 19 December 2006 23:01
		Re: [PATCH 7/8] user ns: handle file sigio By: ebiederm on Wed, 24 January 2007 17:23
		Re: [PATCH 7/8] user ns: handle file sigio By: serue on Wed, 24 January 2007 18:58
		Re: [PATCH 7/8] user ns: handle file sigio By: Andrew Morton on Thu, 25 January 2007 08:12
		Re: [PATCH 7/8] user ns: handle file sigio By: serue on Thu, 25 January 2007 15:32
		Re: [PATCH 7/8] user ns: handle file sigio By: serue on Fri, 26 January 2007 05:38
		Re: [PATCH 7/8] user ns: handle file sigio By: Andrew Morton on Fri, 26 January 2007 06:09
		[PATCH 8/8] user ns: implement user ns unshare By: serue on Tue, 19 December 2006 23:01

Previous Topic:	[RFC][PATCH 1/3]: Replace pid_t in autofs with struct pid reference.
Next Topic:	Re: [PATCH] namespaces: fix exit race by splitting exit

Goto Forum:

-=] Back to Top [=-

[ Syndicate this forum (XML) ] [

] [

]

Current Time: Wed Sep 10 20:07:11 GMT 2025

Total time taken to generate the page: 0.06884 seconds