On Wed, Jul 15, 2015 at 06:23:01PM -0700, Andy Lutomirski wrote: > > So if we have the s_user_ns check in get_file_caps the mnt_may_suid pass > > isn't strictly necessary, but I still think it is useful as a mitigation > > to the "leaks" Eric mentions. It _should_ be impossible for a user to > > gain access to another user's mount namespace, > > No, it's very easy with SCM_RIGHTS. We should make sure it's safe. Sure, what I really meant was that an attacker shouldn't be able to do so without cooperation from the other user's processes. But I think we're all in agreement that making it safe is a good idea. Seth _______________________________________________ Selinux mailing list Selinux@xxxxxxxxxxxxx To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx. To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
