[resend: MUA tricked me into sending HTML email...] On Mon, Aug 6, 2012 at 4:55 PM, Eric W. Biederman <ebiederm@xxxxxxxxxxxx> wrote: > > Kees Cook <keescook@xxxxxxxxxxxx> writes: > > > On Thu, Aug 2, 2012 at 9:26 PM, James Morris <jmorris@xxxxxxxxx> wrote: > >> On Wed, 25 Jul 2012, Kees Cook wrote: > >> > >>> This adds symlink and hardlink restrictions to the Linux VFS. > >> > >> Is Al happy with this now? > > > > Looks like it; thanks for checking. It's in mainline now: > > > > http://git.kernel.org/?p=linux/kernel/git/torvalds/linux.git;a=commitdiff;h=800179c9b8a1e796e441674776d11cd4c05d61d7 > > So there was one trivial little issue with your patch. You were > directly comparing kuids instead of using uid_eq. This only practically > matters when user namespaces are enabled which is currently impossible > in 3.6-rc1 :( > > I have added the following fixup patch to my for-next branch of > user-namespace.git > > From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx> > Date: Fri, 3 Aug 2012 09:38:08 -0700 > Subject: [PATCH] userns: Fix link restrictions to use uid_eq > > Signed-off-by: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx> Ah-ha! Thanks for fixing this. Acked-by: Kees Cook <keescook@xxxxxxxxxxxx> -Kees -- Kees Cook Chrome OS Security -- To unsubscribe from this list: send the line "unsubscribe linux-doc" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
