Seth Forshee <seth.forshee@xxxxxxxxxxxxx> writes:

> On Thu, Sep 24, 2015 at 04:59:35PM -0500, Eric W. Biederman wrote:
>> Seth Forshee <seth.forshee@xxxxxxxxxxxxx> writes:
>>
>> > Capability sets attached to files must be ignored except in the
>> > user namespaces where the mounter is privileged, i.e. s_user_ns
>> > and its descendants. Otherwise a vector exists for gaining
>> > privileges in namespaces where a user is not already privileged.
>> >
>> > Add a new helper function, in_user_ns(), to test whether a user
>> > namespace is the same as or a descendant of another namespace.
>> > Use this helper to determine whether a file's capability set
>> > should be applied to the caps constructed during exec.
>>
>> No issues with this but given that we always pass current_user_ns()
>> we may want to simplify the users of in_user_ns by renaming it
>> current_in_user_ns() and hard coding current_user_ns().
>
> Sure, if that's what you prefer then I'll change it.

I took your patch as is. This is a suggestion for a possible incremental
improvement.

Eric
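
The namespace test described in the quoted commit message, modelled in userspace C as an added example (not code from the patch or the kernel tree). The struct layout, the `level` field, `file_caps_apply()` and the sample hierarchy are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Userspace model of a user namespace; field names are assumptions. */
struct user_ns {
    const struct user_ns *parent;   /* NULL for the initial namespace */
    int level;                      /* depth below the initial namespace */
};

/* True if ns is target itself or one of target's descendants. */
static bool in_user_ns(const struct user_ns *ns, const struct user_ns *target)
{
    /* Climb until ns is no deeper than target; a descendant lands on target. */
    while (ns && ns->level > target->level)
        ns = ns->parent;
    return ns == target;
}

/* Hypothetical wrapper for the exec-time decision: a file's capability set
 * is honoured only when the exec'ing task's namespace is s_user_ns or a
 * descendant of it. Ancestors and siblings ignore the file caps. */
static bool file_caps_apply(const struct user_ns *task_ns,
                            const struct user_ns *s_user_ns)
{
    return in_user_ns(task_ns, s_user_ns);
}

/* Constructed hierarchy: init -> ct_a -> nested, and init -> ct_b. */
static const struct user_ns init_ns = { NULL, 0 };
static const struct user_ns ct_a    = { &init_ns, 1 };
static const struct user_ns nested  = { &ct_a, 2 };
static const struct user_ns ct_b    = { &init_ns, 1 };

int main(void)
{
    /* Filesystem mounted by a user who is privileged only in ct_a. */
    const struct user_ns *s_user_ns = &ct_a;

    printf("exec in ct_a:   %d\n", file_caps_apply(&ct_a, s_user_ns));
    printf("exec in nested: %d\n", file_caps_apply(&nested, s_user_ns));
    printf("exec in init:   %d\n", file_caps_apply(&init_ns, s_user_ns));
    printf("exec in ct_b:   %d\n", file_caps_apply(&ct_b, s_user_ns));
    return 0;
}
```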