Re: [PATCH -mm 5/7] add user namespace

From: Serge E. Hallyn
Date: Fri Jul 14 2006 - 12:29:04 EST


Quoting Eric W. Biederman (ebiederm@xxxxxxxxxxxx):
> Dave Hansen <haveblue@xxxxxxxxxx> writes:
>
> > On Thu, 2006-07-13 at 21:45 -0600, Eric W. Biederman wrote:
> >> I think for filesystems like /proc and /sys that there will normally
> >> be problems. However many of those problems can be rationalized away
> >> as a reasonable optimization, or are not immediately apparent.
> >
> > Could you talk about some of these problems?
>
> Already mentioned, but rw permissions on sensitive files are for
> uid == 0. No capability checks are performed.

As Herbert (IIRC) pointed out, that could/should be fixed.

-serge