Quoting Eric W. Biederman (ebiederm@xxxxxxxxxxxx): > "Serge E. Hallyn" <serue@xxxxxxxxxx> writes: > > > So i was thinking about how to safely but incrementally introduce > > targeted capabilities - which we decided was a prereq to making VFS > > handle user namespaces - and the following seemed doable. My main > > motivations were (in order): > > > > 1. don't make any unconverted capable() checks unsafe > > 2. minimize performance impact on non-container case > > 3. minimize performance impact on containers > > My motivation is a bit different. I would like to get to the > unprivileged creation of new namespaces. It looks like this gets us > 90% of the way there, with only potential uid confusion issues left. Just a pair of instances of uid comparison are now addressed in http://git.kernel.org/gitweb.cgi?p=linux/kernel/git/sergeh/linux-cr.git;a=shortlog;h=refs/heads/feb13.userns.uid_equivs which has your patch "taking a crack at targeted capabilities" at its core. Talk about your baby steps... But I need to go back and re-read what we'd discussed over the last few years about how we wanted to tag superblocks/mounts->inodes before I go on. Anyway now uid equivalence checks are ns-aware for basic vfs_permission and task kill at least. It's a start. -serge _______________________________________________ Containers mailing list Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linux-foundation.org/mailman/listinfo/containers