On Wed, Feb 26, 2014 at 08:54:02AM -0600, Serge Hallyn wrote: > Quoting Stephan Sachse (ste.sachse@xxxxxxxxx): > > for me there is no valid reason why a container is not allowed to set > > file capabilities. > > (For the sake of the libvir-list, I replied to this on the lxc-devel@ > list with a proposal that should work; but this particular patch is > not safe, as nothing would stop an unprivileged user from mapping 0 > to his uid in a new namespace, adding CAP_SYS_ADMIN, getting back to > the init namespace, and running it with privilege. Adding a new > capability format which adds the kuid_t of the user_ns root would > solve this. Thanks Stephan for pushing on this.) Thanks, I thought there would be some good reason for this restriction. Regards, Daniel -- |: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :| -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list