Seth Forshee <seth.forshee@xxxxxxxxxxxxx> writes:

> On Thu, Sep 24, 2015 at 04:59:35PM -0500, Eric W. Biederman wrote:
>> Seth Forshee <seth.forshee@xxxxxxxxxxxxx> writes:
>>
>> > Capability sets attached to files must be ignored except in the
>> > user namespaces where the mounter is privileged, i.e. s_user_ns
>> > and its descendants. Otherwise a vector exists for gaining
>> > privileges in namespaces where a user is not already privileged.
>> >
>> > Add a new helper function, in_user_ns(), to test whether a user
>> > namespace is the same as or a descendant of another namespace.
>> > Use this helper to determine whether a file's capability set
>> > should be applied to the caps constructed during exec.
>>
>> No issues with this but given that we always pass current_user_ns()
>> we may want to simplify the users of in_user_ns by renaming it
>> current_in_user_ns() and hard coding current_user_ns().
>
> Sure, if that's what you prefer then I'll change it.

I took your patch as is. This is a suggestion for a possible
incremental improvement.

Eric
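Added example, not part of the thread and not the kernel patch under discussion: a userspace C model of the "same as or a descendant of" test the quoted commit message describes, applied to the decision of whether a file's capability set is honoured at exec. The struct user_ns type, the argument order of in_user_ns(), the file_caps_honoured() helper and the four-namespace hierarchy are assumptions constructed for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Userspace model of a user namespace: only the parent link matters here. */
struct user_ns {
    const struct user_ns *parent;   /* NULL for the initial namespace */
};

/* True if ns is target itself or one of target's descendants.
 * Assumed argument order; the walk goes from ns up through its parents. */
static bool in_user_ns(const struct user_ns *ns, const struct user_ns *target)
{
    for (; ns != NULL; ns = ns->parent)
        if (ns == target)
            return true;
    return false;
}

/* Hypothetical helper: file capabilities count only when the exec'ing task's
 * namespace is s_user_ns (the mounter's namespace) or somewhere below it. */
static bool file_caps_honoured(const struct user_ns *task_ns,
                               const struct user_ns *s_user_ns)
{
    return in_user_ns(task_ns, s_user_ns);
}

/* Constructed hierarchy:
 *   init_ns -> mounter_ns -> child_ns
 *   init_ns -> sibling_ns                                              */
static const struct user_ns init_ns    = { NULL };
static const struct user_ns mounter_ns = { &init_ns };
static const struct user_ns child_ns   = { &mounter_ns };
static const struct user_ns sibling_ns = { &init_ns };

int main(void)
{
    /* The filesystem was mounted from mounter_ns, so s_user_ns == &mounter_ns. */
    printf("exec in mounter_ns: %d\n", file_caps_honoured(&mounter_ns, &mounter_ns));
    printf("exec in child_ns:   %d\n", file_caps_honoured(&child_ns, &mounter_ns));
    printf("exec in init_ns:    %d\n", file_caps_honoured(&init_ns, &mounter_ns));
    printf("exec in sibling_ns: %d\n", file_caps_honoured(&sibling_ns, &mounter_ns));
    return 0;
}
```

The parent and sibling cases are the ones the commit message is concerned with: the mounter holds no privilege there, so capability sets stored on its files are ignored.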