Quoting Seth Forshee (seth.forshee@xxxxxxxxxxxxx): > On Fri, Dec 04, 2015 at 11:27:38AM -0600, Serge E. Hallyn wrote: > > On Wed, Dec 02, 2015 at 09:40:09AM -0600, Seth Forshee wrote: > > > Add checks to inode_change_ok to verify that uid and gid changes > > > will map into the superblock's user namespace. If they do not > > > fail with -EOVERFLOW. This cannot be overriden with ATTR_FORCE. > > > > > > Signed-off-by: Seth Forshee <seth.forshee@xxxxxxxxxxxxx> > > > > Acked-by: Serge Hallyn <serge.hallyn@xxxxxxxxxxxxx> > > > > ... although i could see root on the host being upset that it can't > > assign a uid not valid in the mounter's ns. But it does seem safer. > > That change wouldn't be representable in the backing store though, and > that could lead to unexpected behaviour. It's better to tell root that > we can't make the requested change, in my opinion. Makes sense. Thanks. _______________________________________________ Selinux mailing list Selinux@xxxxxxxxxxxxx To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx. To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
