Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
Subject: Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options
From: Alexander Larsson <alexl@xxxxxxxxxx>
Date: Thu, 28 May 2015 22:06:17 +0200
Cc: Andy Lutomirski <luto@xxxxxxxxxxxxxx>, James Bottomley <James.Bottomley@xxxxxxxxxxxxxxxxxxxxx>, gnome-os-list@xxxxxxxxx, Linux Containers <containers@xxxxxxxxxxxxxxxxxxxxxxxxxx>, "linux-kernel@xxxxxxxxxxxxxxx" <linux-kernel@xxxxxxxxxxxxxxx>, mclasen@xxxxxxxxxx, Linux FS Devel <linux-fsdevel@xxxxxxxxxxxxxxx>
In-reply-to: <87mw0omxp0.fsf@x220.int.ebiederm.org>

On Thu, 2015-05-28 at 12:14 -0500, Eric W. Biederman wrote:
> 
> > Where does the second namespace enter into this? 
> 
> Step a.  Create create a user namespace where uid 0 is mapped to your
> real uid, and set up your sandbox (aka mount /dev/pts and everything
> else).
> 
> Step b.  Create a nested user namespace where your uid is identity
> mapped and run your desktop application.  You can even drop all caps 
> in
> your namespace.

Just tried this. Its not the nicest, and it doubles the number of
namespaces in action for each sandbox, but it does work.
--
To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Follow-Ups:
- Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options
  - From: Kenton Varda

References:
- [PATCH] devpts: Add ptmx_uid and ptmx_gid options
  - From: Andy Lutomirski
- Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options
  - From: Andy Lutomirski
- Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options
  - From: James Bottomley
- Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options
  - From: Alexander Larsson
- Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options
  - From: James Bottomley
- Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options
  - From: Andy Lutomirski
- Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options
  - From: James Bottomley
- Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options
  - From: Andy Lutomirski
- Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options
  - From: James Bottomley
- Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options
  - From: Andy Lutomirski
- Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options
  - From: James Bottomley
- Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options
  - From: Alexander Larsson
- Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options
  - From: James Bottomley
- Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options
  - From: Andy Lutomirski
- Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options
  - From: Alexander Larsson
- Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options
  - From: Andy Lutomirski
- Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options
  - From: Eric W. Biederman
- Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options
  - From: Andy Lutomirski
- Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options
  - From: Eric W. Biederman
- Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options
  - From: Alexander Larsson
- Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options
  - From: Eric W. Biederman

Prev by Date: Re: [CFT][PATCH 00/10] Making new mounts of proc and sysfs as safe as bind mounts (take 2)
Next by Date: Re: [CFT][PATCH 00/10] Making new mounts of proc and sysfs as safe as bind mounts (take 2)
Previous by thread: Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options
Next by thread: Re: [PATCH] devpts: Add ptmx_uid and ptmx_gid options
Index(es):
- Date
- Thread

[Index of Archives] [Linux Ext4 Filesystem] [Union Filesystem] [Filesystem Testing] [Ceph Users] [Ecryptfs] [AutoFS] [Kernel Newbies] [Share Photos] [Security] [Netfilter] [Bugtraq] [Yosemite News] [MIPS Linux] [ARM Linux] [Linux Security] [Linux Cachefs] [Reiser Filesystem] [Linux RAID] [Samba] [Device Mapper] [CEPH Development]