Jan Kara <jack@xxxxxxx> writes: > On Sat 02-07-16 12:18:08, Eric W. Biederman wrote: >> >> As well as in these patches the code is also available from: >> git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace.git for-testing >> >> It has been a long time in coming but recently in the userns tree the >> superblock has been expanded with a s_user_ns field indicating the user >> namespace that owns a superblock. >> >> The s_user_ns owner of a superblock has three implications. >> - Only kuids and kgids that map into s_user_ns are allowed to be sent to a >> filesystem from the vfs. >> - If the uid or gid on the filesystem does not map into s_user_ns i_uid >> is set to INVALID_UID and i_gid is set to INVALID_GID. >> - The scope of permission checks can be changed from global to a >> capabilitiy check in s_user_ns. > > OK, to check that I understand it right: > > So the uids and gids that are stored on disk are still expected to be in > the initial id namespace, aren't they? No. The general expectation is that the ids on disk are store in s_user_ns. Id's that don't map to the initial id namespace get stored in the generic data structures as INVALID_UID and INVALID_GID. In practice I don't expect anyone will set up a situation knowingly where id's don't map, but the case has to be handled because mistakes and malicious code happens. Eric _______________________________________________ Containers mailing list Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linuxfoundation.org/mailman/listinfo/containers
