From: Christian Brauner (Microsoft) <brauner@xxxxxxxxxx> On Mon, 17 Oct 2022 17:06:33 +0200, Christian Brauner wrote: > From: "Christian Brauner (Microsoft)" <brauner@xxxxxxxxxx> > > Hey everyone, > > A long while ago I found a few setgid inheritance bugs in overlayfs in > certain conditions. Amir recently picked this back up in > https://lore.kernel.org/linux-fsdevel/20221003123040.900827-1-amir73il@xxxxxxxxx > and I jumped on board to fix this more generally. This series should > make setgid stripping more consistent and fix the related overlayfs bugs. > > [...] Moving this into a branch for some -next exposure: [1/6] attr: add in_group_or_capable() commit: 11c2a8700cdcabf9b639b7204a1e38e2a0b6798e [2/6] fs: move should_remove_suid() commit: e243e3f94c804ecca9a8241b5babe28f35258ef4 [3/6] attr: add setattr_should_drop_sgid() commit: 72ae017c5451860443a16fb2a8c243bff3e396b8 [4/6] attr: use consistent sgid stripping checks commit: ed5a7047d2011cb6b2bf84ceb6680124cc6a7d95 [5/6] ovl: remove privs in ovl_copyfile() commit: b306e90ffabdaa7e3b3350dbcd19b7663e71ab17 [6/6] ovl: remove privs in ovl_fallocate() commit: 23a8ce16419a3066829ad4a8b7032a75817af65b Thank you for commenting and reviewing! Christian Brauner (Microsoft) <brauner@xxxxxxxxxx>
