[CC += linux-...@vger.kernel.org]
Christoph,
Since this is a kernel-user-space API change, please CC linux-api@.
The kernel source file Documentation/SubmitChecklist notes that all
Linux kernel patches that change userspace interfaces should be CCed
to linux-...@vger.kernel.org, so that the vario
Quoting Andy Lutomirski (l...@amacapital.net):
> On Wed, Feb 4, 2015 at 2:02 PM, Serge E. Hallyn wrote:
> > Quoting Serge E. Hallyn (se...@hallyn.com):
> >> Quoting Andy Lutomirski (l...@amacapital.net):
> >> > On Wed, Feb 4, 2015 at 1:27 PM, Serge E. Hallyn wrote:
> >> > > Quoting Andy Lutomirsk
On Wed, Feb 4, 2015 at 2:02 PM, Serge E. Hallyn wrote:
> Quoting Serge E. Hallyn (se...@hallyn.com):
>> Quoting Andy Lutomirski (l...@amacapital.net):
>> > On Wed, Feb 4, 2015 at 1:27 PM, Serge E. Hallyn wrote:
>> > > Quoting Andy Lutomirski (l...@amacapital.net):
>> > >> On Wed, Feb 4, 2015 at 1
On Wed, Feb 4, 2015 at 1:57 PM, Christoph Lameter wrote:
> On Wed, 4 Feb 2015, Andy Lutomirski wrote:
>
>> But someone will want to run *bash* as an untrusted user with, say,
>> CAP_NET_BIND permitted and ambient. Then that user has a non-empty
>> ambient set, and they can run a setuid-root progr
Subject: [capabilities] Implement ambient capability set V2
DRAFT -- untested -- DRAFT
Implement an ambient capability set to allow capabilities
to be inherited with unix semantics used also for other
attributes.
Implements PR_CAP_AMBIENT. The second argument to prctl
is the capability number an
Quoting Serge E. Hallyn (se...@hallyn.com):
> Quoting Andy Lutomirski (l...@amacapital.net):
> > On Wed, Feb 4, 2015 at 1:27 PM, Serge E. Hallyn wrote:
> > > Quoting Andy Lutomirski (l...@amacapital.net):
> > >> On Wed, Feb 4, 2015 at 1:16 PM, Serge E. Hallyn wrote:
> > >> > Quoting Andy Lutomirs
On Wed, 4 Feb 2015, Andy Lutomirski wrote:
> >> Christoph, would your code run ok under NNP?
> >
> > There are still binaries invoked that need more privileges. Does not
> > work.
>
> What do you mean by "need more privileges"? Are they setuid-root or
> do they use fP?
Both.
> > Well I'd rathe
On Wed, Feb 4, 2015 at 1:51 PM, Christoph Lameter wrote:
> On Wed, 4 Feb 2015, Serge E. Hallyn wrote:
>
>> > task_no_new_privs(current) instead of ns_capable(current_user_ns(),
>>
>> I'm ok with that. And iiuc it shouldn't get in the way of
>> Christoph's use case. I'd just rather not have
On Wed, 4 Feb 2015, Andy Lutomirski wrote:
> But someone will want to run *bash* as an untrusted user with, say,
> CAP_NET_BIND permitted and ambient. Then that user has a non-empty
> ambient set, and they can run a setuid-root program, and who knows
> what will go wrong? Requiring no_new_privs
Quoting Andy Lutomirski (l...@amacapital.net):
> On Wed, Feb 4, 2015 at 1:27 PM, Serge E. Hallyn wrote:
> > Quoting Andy Lutomirski (l...@amacapital.net):
> >> On Wed, Feb 4, 2015 at 1:16 PM, Serge E. Hallyn wrote:
> >> > Quoting Andy Lutomirski (l...@amacapital.net):
> >> >> On Wed, Feb 4, 2015
On Wed, 4 Feb 2015, Serge E. Hallyn wrote:
> > task_no_new_privs(current) instead of ns_capable(current_user_ns(),
>
> I'm ok with that. And iiuc it shouldn't get in the way of
> Christoph's use case. I'd just rather not have one set of convoluted
> new rules now, and then have to relax the
On Wed, Feb 4, 2015 at 1:27 PM, Serge E. Hallyn wrote:
> Quoting Andy Lutomirski (l...@amacapital.net):
>> On Wed, Feb 4, 2015 at 1:16 PM, Serge E. Hallyn wrote:
>> > Quoting Andy Lutomirski (l...@amacapital.net):
>> >> On Wed, Feb 4, 2015 at 10:49 AM, Christoph Lameter wrote:
>> >> > +
>> >> >
Quoting Andy Lutomirski (l...@amacapital.net):
> On Wed, Feb 4, 2015 at 1:16 PM, Serge E. Hallyn wrote:
> > Quoting Andy Lutomirski (l...@amacapital.net):
> >> On Wed, Feb 4, 2015 at 10:49 AM, Christoph Lameter wrote:
> >> > An attempt to implement this. Probably missing some fine points:
> >> >
On Wed, Feb 4, 2015 at 1:16 PM, Serge E. Hallyn wrote:
> Quoting Andy Lutomirski (l...@amacapital.net):
>> On Wed, Feb 4, 2015 at 10:49 AM, Christoph Lameter wrote:
>> > An attempt to implement this. Probably missing some fine points:
>> >
>> > Subject: [capabilities] Implement ambient capability
Quoting Andy Lutomirski (l...@amacapital.net):
> On Wed, Feb 4, 2015 at 10:49 AM, Christoph Lameter wrote:
> > An attempt to implement this. Probably missing some fine points:
> >
> > Subject: [capabilities] Implement ambient capability set.
> >
> > DRAFT -- untested -- DRAFT
> >
> > Implement an
On Wed, Feb 4, 2015 at 10:49 AM, Christoph Lameter wrote:
> An attempt to implement this. Probably missing some fine points:
>
> Subject: [capabilities] Implement ambient capability set.
>
> DRAFT -- untested -- DRAFT
>
> Implement an ambient capability set to allow capabilities
> to be inherited wi
An attempt to implement this. Probably missing some fine points:
Subject: [capabilities] Implement ambient capability set.
DRAFT -- untested -- DRAFT
Implement an ambient capability set to allow capabilities
to be inherited with unix semantics used also for other
attributes.
Implements PR_CAP_AMB