On Wed, Jul 15, 2015 at 06:23:01PM -0700, Andy Lutomirski wrote: > > So if we have the s_user_ns check in get_file_caps the mnt_may_suid pass > > isn't strictly necessary, but I still think it is useful as a mitigation > > to the "leaks" Eric mentions. It _should_ be impossible for a user to > > gain access to another user's mount namespace, > > No, it's very easy with SCM_RIGHTS. We should make sure it's safe.
Sure, what I really meant was that an attacker shouldn't be able to do so without cooperation from the other user's processes. But I think we're all in agreement that making it safe is a good idea. Seth -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
