OpenVZ Forum: Devel » [PATCH 0/8] user namespace: Introduction

Home » Mailing lists » Devel » [PATCH 0/8] user namespace: Introduction

Show: Today's Messages :: Show Polls :: Message Navigator
E-mail to friend

Re: [PATCH 7/8] user ns: handle file sigio [message #17330 is a reply to message #17319]

Thu, 25 January 2007 08:12

Andrew Morton
Messages: 127
Registered: December 2005

Senior Member

On Wed, 24 Jan 2007 12:58:45 -0600
"Serge E. Hallyn" <serue@us.ibm.com> wrote:

> > If we need to I can see doing something special if the process setting
> > fown has CAP_KILL
> 
> Obviously CAP_KILL is insufficient :)  I assume you mean a new
> CAP_XNS_CAP_KILL?
> 
> > and bypassing the security checks that way, but
> > hard coding rules like that when it doesn't appear we have any
> > experience to indicate we need the extra functionality looks
> > premature.
> 
> Ok, in this case actually I suspect you're right and we can just ditch
> the exception.  But in general the security discussion is one we should
> still have.

People like security.

Where do we now stand with this patch, and with "[PATCH 4/8] user ns: hook permission"?
_______________________________________________
Containers mailing list
Containers@lists.osdl.org
https://lists.osdl.org/mailman/listinfo/containers

Report message to a moderator

[Message index]

		[PATCH 0/8] user namespace: Introduction By: serue on Tue, 19 December 2006 22:59
		[PATCH 1/8] nsproxy: externalizes exit_task_namespaces By: serue on Tue, 19 December 2006 22:59
		[PATCH 2/8] user ns: add the framework By: serue on Tue, 19 December 2006 23:00
		[PATCH 3/8] user ns: add user_namespace ptr to vfsmount By: serue on Tue, 19 December 2006 23:00
		[PATCH 4/8] user ns: hook permission By: serue on Tue, 19 December 2006 23:00
		Re: [PATCH 4/8] user ns: hook permission By: ebiederm on Wed, 24 January 2007 17:06
		Re: [PATCH 4/8] user ns: hook permission By: serue on Wed, 24 January 2007 19:06
		[PATCH 5/8] user ns: prepare copy_tree, copy_mnt, and their callers to handle errs By: serue on Tue, 19 December 2006 23:01
		[PATCH 6/8] user ns: implement shared mounts By: serue on Tue, 19 December 2006 23:01
		[PATCH 7/8] user ns: handle file sigio By: serue on Tue, 19 December 2006 23:01
		Re: [PATCH 7/8] user ns: handle file sigio By: ebiederm on Wed, 24 January 2007 17:23
		Re: [PATCH 7/8] user ns: handle file sigio By: serue on Wed, 24 January 2007 18:58
		Re: [PATCH 7/8] user ns: handle file sigio By: Andrew Morton on Thu, 25 January 2007 08:12
		Re: [PATCH 7/8] user ns: handle file sigio By: serue on Thu, 25 January 2007 15:32
		Re: [PATCH 7/8] user ns: handle file sigio By: serue on Fri, 26 January 2007 05:38
		Re: [PATCH 7/8] user ns: handle file sigio By: Andrew Morton on Fri, 26 January 2007 06:09
		[PATCH 8/8] user ns: implement user ns unshare By: serue on Tue, 19 December 2006 23:01

Previous Topic:	[RFC][PATCH 1/3]: Replace pid_t in autofs with struct pid reference.
Next Topic:	Re: [PATCH] namespaces: fix exit race by splitting exit

Goto Forum:

-=] Back to Top [=-

[ Syndicate this forum (XML) ] [

] [

]

Current Time: Wed Sep 10 21:39:20 GMT 2025

Total time taken to generate the page: 0.18552 seconds