On Sat, Oct 10, 2015 at 7:59 AM, Dirk Steinmetz
wrote:
> Attempting to hardlink to an unsafe file (e.g. a setuid binary) from
> within an unprivileged user namespace fails, even if CAP_FOWNER is held
> within the namespace. This may cause various failures, such as a gentoo
> installation within a
On Mon, Nov 2, 2015 at 10:02 AM, Serge Hallyn wrote:
> Quoting Dirk Steinmetz (pub...@rsjtdrjgfuzkfg.com):
>>
>> > We've already dealt with such regressions and iirc agreed that they were
>> > worthwhile.
>> Would you prefer to not fix the issue at all, then? Or would you prefer to
>
> No. I thin
Quoting Dirk Steinmetz (pub...@rsjtdrjgfuzkfg.com):
> On Wed, 28 Oct 2015 17:33:10 +, Serge Hallyn wrote:
> > Quoting Dirk Steinmetz (pub...@rsjtdrjgfuzkfg.com):
> > > On Tue, 27 Oct 2015 20:28:02 +, Serge Hallyn wrote:
> > > > Quoting Dirk Steinmetz (pub...@rsjtdrjgfuzkfg.com):
> > > > > O
On Wed, 28 Oct 2015 17:33:10 +, Serge Hallyn wrote:
> Quoting Dirk Steinmetz (pub...@rsjtdrjgfuzkfg.com):
> > On Tue, 27 Oct 2015 20:28:02 +, Serge Hallyn wrote:
> > > Quoting Dirk Steinmetz (pub...@rsjtdrjgfuzkfg.com):
> > > > On Tue, 27 Oct 2015 09:33:44 -0500, Seth Forshee wrote:
> > > >
Quoting Dirk Steinmetz (pub...@rsjtdrjgfuzkfg.com):
> On Tue, 27 Oct 2015 20:28:02 +, Serge Hallyn wrote:
> > Quoting Dirk Steinmetz (pub...@rsjtdrjgfuzkfg.com):
> > > On Tue, 27 Oct 2015 09:33:44 -0500, Seth Forshee wrote:
> > > > I did want to point what seems to be an inconsistency in how
>
On Tue, 27 Oct 2015 20:28:02 +, Serge Hallyn wrote:
> Quoting Dirk Steinmetz (pub...@rsjtdrjgfuzkfg.com):
> > On Tue, 27 Oct 2015 09:33:44 -0500, Seth Forshee wrote:
> > > I did want to point what seems to be an inconsistency in how
> > > capabilities in user namespaces are handled with respect
Seth Forshee writes:
> On Tue, Oct 20, 2015 at 04:09:19PM +0200, Dirk Steinmetz wrote:
>> Attempting to hardlink to an unsafe file (e.g. a setuid binary) from
>> within an unprivileged user namespace fails, even if CAP_FOWNER is held
>> within the namespace. This may cause various failures, such
Quoting Dirk Steinmetz (pub...@rsjtdrjgfuzkfg.com):
> On Tue, 27 Oct 2015 09:33:44 -0500, Seth Forshee wrote:
> > On Tue, Oct 20, 2015 at 04:09:19PM +0200, Dirk Steinmetz wrote:
> > > Attempting to hardlink to an unsafe file (e.g. a setuid binary) from
> > > within an unprivileged user namespace fa
On Tue, 27 Oct 2015 09:33:44 -0500, Seth Forshee wrote:
> On Tue, Oct 20, 2015 at 04:09:19PM +0200, Dirk Steinmetz wrote:
> > Attempting to hardlink to an unsafe file (e.g. a setuid binary) from
> > within an unprivileged user namespace fails, even if CAP_FOWNER is held
> > within the namespace. Th
On Tue, Oct 20, 2015 at 04:09:19PM +0200, Dirk Steinmetz wrote:
> Attempting to hardlink to an unsafe file (e.g. a setuid binary) from
> within an unprivileged user namespace fails, even if CAP_FOWNER is held
> within the namespace. This may cause various failures, such as a gentoo
> installation w
Attempting to hardlink to an unsafe file (e.g. a setuid binary) from
within an unprivileged user namespace fails, even if CAP_FOWNER is held
within the namespace. This may cause various failures, such as a gentoo
installation within a lxc container failing to build and install specific
packages.
T
Attempting to hardlink to an unsafe file (e.g. a setuid binary) from
within an unprivileged user namespace fails, even if CAP_FOWNER is held
within the namespace. This may cause various failures, such as a gentoo
installation within a lxc container failing to build and install specific
packages.
T
12 matches
Mail list logo
