diff for duplicates of <20170623183520.GC21137@mail.hallyn.com> diff --git a/a/1.txt b/N1/1.txt index d05a0a6..acb1bec 100644 --- a/a/1.txt +++ b/N1/1.txt @@ -1,7 +1,7 @@ -Quoting Stefan Berger (stefanb at linux.vnet.ibm.com): +Quoting Stefan Berger (stefanb@linux.vnet.ibm.com): > On 06/23/2017 12:16 PM, Casey Schaufler wrote: > >On 6/23/2017 9:00 AM, Serge E. Hallyn wrote: -> >>Quoting Amir Goldstein (amir73il at gmail.com): +> >>Quoting Amir Goldstein (amir73il@gmail.com): > >>>On Thu, Jun 22, 2017 at 9:59 PM, Stefan Berger > >>><stefanb@linux.vnet.ibm.com> wrote: > >>>>This series of patches primary goal is to enable file capabilities @@ -14,11 +14,11 @@ Quoting Stefan Berger (stefanb at linux.vnet.ibm.com): > >>>>name when a user namespace is used. If for example the root user > >>>>in a user namespace writes the security.capability xattr, the name > >>>>of the xattr that is actually written is encoded as -> >>>>security.capability at uid=1000 for root mapped to uid 1000 on the host. +> >>>>security.capability@uid=1000 for root mapped to uid 1000 on the host. > >>>>When listing the xattrs on the host, the existing security.capability -> >>>>as well as the security.capability at uid=1000 will be shown. Inside the +> >>>>as well as the security.capability@uid=1000 will be shown. Inside the > >>>>namespace only 'security.capability', with the value of -> >>>>security.capability at uid=1000, is visible. +> >>>>security.capability@uid=1000, is visible. > >>>> > >>>Am I the only one who thinks that suffix is perhaps not the best grammar > >>>to use for this namespace? @@ -27,23 +27,19 @@ Quoting Stefan Berger (stefanb at linux.vnet.ibm.com): > >>>xattrs are clearly namespaced by prefix, so it seems right to me to keep > >>>it that way - define a new special xattr namespace "ns" and only if that > >>>prefix exists, the @uid suffix will be parsed. -> >>>This could be either ns.security.capability at uid=1000 or -> >>>ns at uid=1000.security.capability. The latter seems more correct to me, +> >>>This could be either ns.security.capability@uid=1000 or +> >>>ns@uid=1000.security.capability. The latter seems more correct to me, > >>>because then we will be able to namespace any xattr without having to > >>>protect from "unprivileged xattr injection", i.e.: -> >>>setfattr -n "user.whatever.foo at uid=0" +> >>>setfattr -n "user.whatever.foo@uid=0" > >>I like it for simplifying the parser code. One concern I have is that, > >>since ns.* is currently not gated, one could write ns.* on an older > >>kernel and then exploit it on a newer one. -> >security.ns.capability at uid=1000, then? +> >security.ns.capability@uid=1000, then? > > Imo, '.ns' is redundant and 'encoded' in the '@'. So how about - security. at uid=1000@@capability ? + security.@uid=1000@@capability ? Maybe it's not worth it. --- -To unsubscribe from this list: send the line "unsubscribe linux-security-module" in -the body of a message to majordomo at vger.kernel.org -More majordomo info at http://vger.kernel.org/majordomo-info.html diff --git a/a/content_digest b/N1/content_digest index bf7b3c7..5a6945d 100644 --- a/a/content_digest +++ b/N1/content_digest @@ -3,16 +3,30 @@ "ref\020170623160026.GA18257@mail.hallyn.com\0" "ref\0aa62373e-7cd6-39dd-2e38-2b6d6dbe18a8@schaufler-ca.com\0" "ref\03404c486-c848-3283-50f7-2283cb631e8e@linux.vnet.ibm.com\0" - "From\0serge@hallyn.com (Serge E. Hallyn)\0" - "Subject\0[PATCH 0/3] Enable namespaced file capabilities\0" + "From\0Serge E. Hallyn <serge@hallyn.com>\0" + "Subject\0Re: [PATCH 0/3] Enable namespaced file capabilities\0" "Date\0Fri, 23 Jun 2017 13:35:20 -0500\0" - "To\0linux-security-module@vger.kernel.org\0" + "To\0Stefan Berger <stefanb@linux.vnet.ibm.com>\0" + "Cc\0Casey Schaufler <casey@schaufler-ca.com>" + Serge E. Hallyn <serge@hallyn.com> + Amir Goldstein <amir73il@gmail.com> + Eric W. Biederman <ebiederm@xmission.com> + Linux Containers <containers@lists.linux-foundation.org> + lkp@01.org + xiaolong.ye@intel.com + linux-kernel <linux-kernel@vger.kernel.org> + Mimi Zohar <zohar@linux.vnet.ibm.com> + Tycho Andersen <tycho@docker.com> + James Bottomley <James.Bottomley@hansenpartnership.com> + christian.brauner@mailbox.org + Vivek Goyal <vgoyal@redhat.com> + " LSM List <linux-security-module@vger.kernel.org>\0" "\00:1\0" "b\0" - "Quoting Stefan Berger (stefanb at linux.vnet.ibm.com):\n" + "Quoting Stefan Berger (stefanb@linux.vnet.ibm.com):\n" "> On 06/23/2017 12:16 PM, Casey Schaufler wrote:\n" "> >On 6/23/2017 9:00 AM, Serge E. Hallyn wrote:\n" - "> >>Quoting Amir Goldstein (amir73il at gmail.com):\n" + "> >>Quoting Amir Goldstein (amir73il@gmail.com):\n" "> >>>On Thu, Jun 22, 2017 at 9:59 PM, Stefan Berger\n" "> >>><stefanb@linux.vnet.ibm.com> wrote:\n" "> >>>>This series of patches primary goal is to enable file capabilities\n" @@ -25,11 +39,11 @@ "> >>>>name when a user namespace is used. If for example the root user\n" "> >>>>in a user namespace writes the security.capability xattr, the name\n" "> >>>>of the xattr that is actually written is encoded as\n" - "> >>>>security.capability at uid=1000 for root mapped to uid 1000 on the host.\n" + "> >>>>security.capability@uid=1000 for root mapped to uid 1000 on the host.\n" "> >>>>When listing the xattrs on the host, the existing security.capability\n" - "> >>>>as well as the security.capability at uid=1000 will be shown. Inside the\n" + "> >>>>as well as the security.capability@uid=1000 will be shown. Inside the\n" "> >>>>namespace only 'security.capability', with the value of\n" - "> >>>>security.capability at uid=1000, is visible.\n" + "> >>>>security.capability@uid=1000, is visible.\n" "> >>>>\n" "> >>>Am I the only one who thinks that suffix is perhaps not the best grammar\n" "> >>>to use for this namespace?\n" @@ -38,25 +52,21 @@ "> >>>xattrs are clearly namespaced by prefix, so it seems right to me to keep\n" "> >>>it that way - define a new special xattr namespace \"ns\" and only if that\n" "> >>>prefix exists, the @uid suffix will be parsed.\n" - "> >>>This could be either ns.security.capability at uid=1000 or\n" - "> >>>ns at uid=1000.security.capability. The latter seems more correct to me,\n" + "> >>>This could be either ns.security.capability@uid=1000 or\n" + "> >>>ns@uid=1000.security.capability. The latter seems more correct to me,\n" "> >>>because then we will be able to namespace any xattr without having to\n" "> >>>protect from \"unprivileged xattr injection\", i.e.:\n" - "> >>>setfattr -n \"user.whatever.foo at uid=0\"\n" + "> >>>setfattr -n \"user.whatever.foo@uid=0\"\n" "> >>I like it for simplifying the parser code. One concern I have is that,\n" "> >>since ns.* is currently not gated, one could write ns.* on an older\n" "> >>kernel and then exploit it on a newer one.\n" - "> >security.ns.capability at uid=1000, then?\n" + "> >security.ns.capability@uid=1000, then?\n" "> \n" "> Imo, '.ns' is redundant and 'encoded' in the '@'.\n" "\n" "So how about\n" - "\tsecurity. at uid=1000@@capability ?\n" + "\tsecurity.@uid=1000@@capability ?\n" "\n" - "Maybe it's not worth it.\n" - "--\n" - "To unsubscribe from this list: send the line \"unsubscribe linux-security-module\" in\n" - "the body of a message to majordomo at vger.kernel.org\n" - More majordomo info at http://vger.kernel.org/majordomo-info.html + Maybe it's not worth it. -0cdb08aa3e02e8c41e37907584b82ea4b6935004c0454c50ac137aac27d7400b +19950a306152f7fddf398c59dca553f21811cb3cec91e56e435b04e65fb78da9
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.