On Tue, 3 Nov 2015 10:20:38 -0800, Kees Cook wrote:
> On Mon, Nov 2, 2015 at 4:39 PM, Dirk Steinmetz
> wrote:
> > In order to hardlink to a sgid-executable, it is sufficient to be the
> > file's owner. When hardlinking within an unprivileged user namespace, the
> >
f the namespace. This is a possible security risk.
This change prevents hardlinking of sgid-executables within user
namespaces, if the file is not owned by a mapped gid.
Signed-off-by: Dirk Steinmetz
---
MISSING: Documentation/sysctl/fs.txt not updated, as this patch is
intended for discussion
On Wed, 28 Oct 2015 17:33:10 +, Serge Hallyn wrote:
> Quoting Dirk Steinmetz (pub...@rsjtdrjgfuzkfg.com):
> > On Tue, 27 Oct 2015 20:28:02 +, Serge Hallyn wrote:
> > > Quoting Dirk Steinmetz (pub...@rsjtdrjgfuzkfg.com):
> > > > On Tue, 27 Oct 2015 09:3
On Tue, 27 Oct 2015 20:28:02 +, Serge Hallyn wrote:
> Quoting Dirk Steinmetz (pub...@rsjtdrjgfuzkfg.com):
> > On Tue, 27 Oct 2015 09:33:44 -0500, Seth Forshee wrote:
> > > I did want to point out what seems to be an inconsistency in how
> > > capabilities in user
On Tue, 27 Oct 2015 09:33:44 -0500, Seth Forshee wrote:
> On Tue, Oct 20, 2015 at 04:09:19PM +0200, Dirk Steinmetz wrote:
> > Attempting to hardlink to an unsafe file (e.g. a setuid binary) from
> > within an unprivileged user namespace fails, even if CAP_FOWNER is held
> >
le to capable_wrt_inode_uidgid").
Signed-off-by: Dirk Steinmetz
---
This is the third time I'm sending the patch, as the first two attempts did
not provoke a reply. Feel free to point out any issues you see with it --
including formal requirements, as this is the first patch I'm submitting.
I
le to capable_wrt_inode_uidgid").
Signed-off-by: Dirk Steinmetz
---
fs/namei.c | 7 ++-
1 file changed, 2 insertions(+), 5 deletions(-)
diff --git a/fs/namei.c b/fs/namei.c
index 726d211..29fc6a6 100644
--- a/fs/namei.c
+++ b/fs/namei.c
@@ -955,26 +955,23 @@ static bool safe_hardlink_source(st