Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx> writes:

> On Thu, Dec 13, 2012 at 2:39 PM, Eric W. Biederman
> <ebiederm@xxxxxxxxxxxx> wrote:
>>
>> Andy Lutomirski pointed out that the current behavior of allowing the
>> owner of a user namespace to have all caps when that owner is not in a
>> parent user namespace is wrong.
>>
>> This is a bug introduced by the kuid conversion which made it possible
>> for the owner of a user namespace to live in a child user namespace. I
>> goofed and totally missed this implication.
>
> Hmm. Shouldn't this be cc: stable if it was introduced in the kuid
> conversion? Or is it only an issue with your new namespace tree (which
> I haven't pulled yet)?

It should be CC stable.

I think I have fixed the bug. I am hoping to get a second pair of
eyeballs before I send the patch officially.

The test for &init_user_ns keeps the bugs from affecting kernels with
user namespaces disabled.

The bug exists in 3.5 and 3.6 but barely matters because you can't
enable user namespaces without additional patches.

The bug exists in 3.7 but it should be of limited effect because
distributions are likely to prefer enabling nfs and fuse over user
namespaces.

I am going to step away for about an hour or so and then with hopefully
fresh eyes myself work to push the good version.

Eric

_______________________________________________
Containers mailing list
Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx
https://lists.linuxfoundation.org/mailman/listinfo/containers
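
The rule discussed in this thread, as an added userspace model (not kernel code and not the patch from this thread): the first function grants all caps on any kuid match with the namespace owner, the second only when the owner is in the parent of the namespace it owns. All type, function and variable names are hypothetical, and the namespace hierarchy and uids are constructed for the example.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical model types; owner and euid are global kuids. */
struct user_ns { struct user_ns *parent; unsigned owner; };
struct cred { struct user_ns *user_ns; unsigned euid; bool has_cap; };

/* Constructed hierarchy: init_ns -> ns_a (owner 1000) -> ns_b (owner 1000). */
static struct user_ns init_ns = { NULL, 0 };
static struct user_ns ns_a = { &init_ns, 1000 };
static struct user_ns ns_b = { &ns_a, 1000 };

/* Behaviour the thread calls wrong: a kuid match with the owner grants
 * all caps, wherever the caller lives. */
bool capable_owner_anywhere(const struct cred *c, const struct user_ns *ns)
{
    for (;;) {
        if (ns != &init_ns && ns->owner == c->euid)
            return true;
        if (ns == c->user_ns)
            return c->has_cap;
        if (ns == &init_ns)
            return false;
        ns = ns->parent;
    }
}

/* Rule stated in the thread: the owner has all caps only when it is in
 * the parent of the namespace it owns. */
bool capable_owner_in_parent(const struct cred *c, const struct user_ns *ns)
{
    for (;;) {
        if (ns == c->user_ns)
            return c->has_cap;
        if (ns == &init_ns)
            return false;
        if (ns->parent == c->user_ns && ns->owner == c->euid)
            return true;
        ns = ns->parent;
    }
}

int main(void)
{
    struct cred inside = { &ns_b, 1000, false }; /* lives below ns_a */
    printf("old=%d new=%d\n", capable_owner_anywhere(&inside, &ns_a),
           capable_owner_in_parent(&inside, &ns_a));
    return 0;
}
```
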