diff for duplicates of <20170718114849.GA8233@redhat.com> diff --git a/a/1.txt b/N1/1.txt index 6d8d795..f33e1d8 100644 --- a/a/1.txt +++ b/N1/1.txt @@ -39,8 +39,8 @@ On Mon, Jul 17, 2017 at 04:50:22PM -0400, Stefan Berger wrote: > > previously. > > This case of size=0 is a problem in userns. Depending on the mapping of the -> userid's the list can expand. A security.foo at uid=100 can become -> security.foo at uid=100000, if the mapping is set up so that uid 100 on the +> userid's the list can expand. A security.foo(a)uid=100 can become +> security.foo(a)uid=100000, if the mapping is set up so that uid 100 on the > host becomes uid 100000 inside the container. So for now we only have > security.capability and the way I solved this is by allocating a 65k buffer > when calling from a userns. In this buffer where we gather the xattr names @@ -65,7 +65,3 @@ and none of the existing users are broken. Thanks Vivek --- -To unsubscribe from this list: send the line "unsubscribe linux-security-module" in -the body of a message to majordomo at vger.kernel.org -More majordomo info at http://vger.kernel.org/majordomo-info.html diff --git a/a/content_digest b/N1/content_digest index 3ba3581..d391c4d 100644 --- a/a/content_digest +++ b/N1/content_digest @@ -1,12 +1,9 @@ - "ref\01499785511-17192-1-git-send-email-stefanb@linux.vnet.ibm.com\0" - "ref\01499785511-17192-2-git-send-email-stefanb@linux.vnet.ibm.com\0" - "ref\020170717185811.GC15794@redhat.com\0" "ref\07a39e8a6-a33b-f6a8-3fd5-6211c075ab91@linux.vnet.ibm.com\0" - "From\0vgoyal@redhat.com (Vivek Goyal)\0" - "Subject\0[PATCH v2] xattr: Enable security.capability in user namespaces\0" + "From\0Vivek Goyal <vgoyal@redhat.com>\0" + "Subject\0Re: [PATCH v2] xattr: Enable security.capability in user namespaces\0" "Date\0Tue, 18 Jul 2017 07:48:49 -0400\0" - "To\0linux-security-module@vger.kernel.org\0" - "\00:1\0" + "To\0lkp@lists.01.org\0" + "\01:1\0" "b\0" "On Mon, Jul 17, 2017 at 04:50:22PM -0400, Stefan Berger wrote:\n" "> On 07/17/2017 02:58 PM, Vivek Goyal wrote:\n" @@ -49,8 +46,8 @@ "> > previously.\n" "> \n" "> This case of size=0 is a problem in userns. Depending on the mapping of the\n" - "> userid's the list can expand. A security.foo at uid=100 can become\n" - "> security.foo at uid=100000, if the mapping is set up so that uid 100 on the\n" + "> userid's the list can expand. A security.foo(a)uid=100 can become\n" + "> security.foo(a)uid=100000, if the mapping is set up so that uid 100 on the\n" "> host becomes uid 100000 inside the container. So for now we only have\n" "> security.capability and the way I solved this is by allocating a 65k buffer\n" "> when calling from a userns. In this buffer where we gather the xattr names\n" @@ -74,10 +71,6 @@ "and none of the existing users are broken.\n" "\n" "Thanks\n" - "Vivek\n" - "--\n" - "To unsubscribe from this list: send the line \"unsubscribe linux-security-module\" in\n" - "the body of a message to majordomo at vger.kernel.org\n" - More majordomo info at http://vger.kernel.org/majordomo-info.html + Vivek -d322306adb0f915ea5edc6a243ecf195794100fc51641fe4f97bcf232a644467 +7fd7bddee09d2f28b7e7d45d3f592816a1c3bef6aad6b6def7c8243f9d22e677
diff --git a/a/1.txt b/N2/1.txt index 6d8d795..6030616 100644 --- a/a/1.txt +++ b/N2/1.txt @@ -39,8 +39,8 @@ On Mon, Jul 17, 2017 at 04:50:22PM -0400, Stefan Berger wrote: > > previously. > > This case of size=0 is a problem in userns. Depending on the mapping of the -> userid's the list can expand. A security.foo at uid=100 can become -> security.foo at uid=100000, if the mapping is set up so that uid 100 on the +> userid's the list can expand. A security.foo@uid=100 can become +> security.foo@uid=100000, if the mapping is set up so that uid 100 on the > host becomes uid 100000 inside the container. So for now we only have > security.capability and the way I solved this is by allocating a 65k buffer > when calling from a userns. In this buffer where we gather the xattr names @@ -65,7 +65,3 @@ and none of the existing users are broken. Thanks Vivek --- -To unsubscribe from this list: send the line "unsubscribe linux-security-module" in -the body of a message to majordomo at vger.kernel.org -More majordomo info at http://vger.kernel.org/majordomo-info.html diff --git a/a/content_digest b/N2/content_digest index 3ba3581..7ac2c1c 100644 --- a/a/content_digest +++ b/N2/content_digest @@ -2,10 +2,23 @@ "ref\01499785511-17192-2-git-send-email-stefanb@linux.vnet.ibm.com\0" "ref\020170717185811.GC15794@redhat.com\0" "ref\07a39e8a6-a33b-f6a8-3fd5-6211c075ab91@linux.vnet.ibm.com\0" - "From\0vgoyal@redhat.com (Vivek Goyal)\0" - "Subject\0[PATCH v2] xattr: Enable security.capability in user namespaces\0" + "From\0Vivek Goyal <vgoyal@redhat.com>\0" + "Subject\0Re: [PATCH v2] xattr: Enable security.capability in user namespaces\0" "Date\0Tue, 18 Jul 2017 07:48:49 -0400\0" - "To\0linux-security-module@vger.kernel.org\0" + "To\0Stefan Berger <stefanb@linux.vnet.ibm.com>\0" + "Cc\0Stefan Berger <StefanBergerstefanb@linux.vnet.ibm.com>" + ebiederm@xmission.com + containers@lists.linux-foundation.org + lkp@01.org + linux-kernel@vger.kernel.org + zohar@linux.vnet.ibm.com + tycho@docker.com + serge@hallyn.com + James.Bottomley@hansenpartnership.com + christian.brauner@mailbox.org + amir73il@gmail.com + linux-security-module@vger.kernel.org + " casey@schaufler-ca.com\0" "\00:1\0" "b\0" "On Mon, Jul 17, 2017 at 04:50:22PM -0400, Stefan Berger wrote:\n" @@ -49,8 +62,8 @@ "> > previously.\n" "> \n" "> This case of size=0 is a problem in userns. Depending on the mapping of the\n" - "> userid's the list can expand. A security.foo at uid=100 can become\n" - "> security.foo at uid=100000, if the mapping is set up so that uid 100 on the\n" + "> userid's the list can expand. A security.foo@uid=100 can become\n" + "> security.foo@uid=100000, if the mapping is set up so that uid 100 on the\n" "> host becomes uid 100000 inside the container. So for now we only have\n" "> security.capability and the way I solved this is by allocating a 65k buffer\n" "> when calling from a userns. In this buffer where we gather the xattr names\n" @@ -74,10 +87,6 @@ "and none of the existing users are broken.\n" "\n" "Thanks\n" - "Vivek\n" - "--\n" - "To unsubscribe from this list: send the line \"unsubscribe linux-security-module\" in\n" - "the body of a message to majordomo at vger.kernel.org\n" - More majordomo info at http://vger.kernel.org/majordomo-info.html + Vivek -d322306adb0f915ea5edc6a243ecf195794100fc51641fe4f97bcf232a644467 +28735bb341abb9b8809bf6d565363e20031ce2e73929d487896cd4aca59c9387
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.