On Fri, Jan 22, 2016 at 7:02 PM, Eric W. Biederman
wrote:
> Kees Cook writes:
>
>> There continues to be unexpected side-effects and security exposures
>> via CLONE_NEWUSER. For many end-users running distro kernels with
>> CONFIG_USER_NS enabled, there is no way to disable this feature when
>> d
On Fri, Jan 22, 2016 at 4:59 PM, Ben Hutchings wrote:
> On Fri, 2016-01-22 at 15:00 -0800, Kees Cook wrote:
>> On Fri, Jan 22, 2016 at 2:55 PM, Robert Święcki wrote:
>> > 2016-01-22 23:50 GMT+01:00 Kees Cook :
>> >
>> > > > Seems that Debian and some older Ubuntu versions are already using
>> > >
On Sun, Jan 24, 2016 at 12:59 PM, Kees Cook wrote:
> On Fri, Jan 22, 2016 at 4:59 PM, Ben Hutchings wrote:
>> On Fri, 2016-01-22 at 15:00 -0800, Kees Cook wrote:
>>> On Fri, Jan 22, 2016 at 2:55 PM, Robert Święcki wrote:
>>> > 2016-01-22 23:50 GMT+01:00 Kees Cook :
>>> >
>>> > > > Seems that Deb
On Fri, Jan 22, 2016 at 7:02 PM, Eric W. Biederman
wrote:
> Kees Cook writes:
>
>> There continues to be unexpected side-effects and security exposures
>> via CLONE_NEWUSER. For many end-users running distro kernels with
>> CONFIG_USER_NS enabled, there is no way to disable this feature when
>> d
