|
|
|
Re: [REVIEW][PATCH 0/43] Completing the user namespace | |
| [Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] | |
Quoting Eric W. Biederman (ebiederm@xxxxxxxxxxxx): > Andrew Lutomirski <luto@xxxxxxx> writes: > Still given that you aren't doing the very restrictive current_cred() > must not change I don't know how it matters, and a bpf based seccomp can > pretty easily filter out new user namespace creation. Shrug. I very much want and intend to use both user namespaces and seccomp2 together. Speaking in terms of the old userns implementation, once a container has been created, no child of my task will change uid/gid or gain/move capabilities in the original user namespace. But they're free to do so at will in the child user namespace. Since the capabilities are targeted at the child namespaces, that's fine. And as Eric noted the user namespaces will allow us to increase the attack surface, but at the same time I'm hoping to offset that somewhat using seccomp2. -serge -- To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
[Linux Ext4 Filesystem] [Ecryptfs] [AutoFS] [Kernel Newbies] [Share Photos] [Security] [Netfilter] [Bugtraq] [Photo] [Yosemite] [Yosemite News] [MIPS Linux] [ARM Linux] [Linux Security] [Linux Cachefs] [Reiser Filesystem] [Linux RAID] [Samba] [Video 4 Linux] [Device Mapper] [CEPH Filesystem]
|