diff for duplicates of <87d192si18.fsf@xmission.com> diff --git a/a/1.txt b/N1/1.txt index 943e596..7febc79 100644 --- a/a/1.txt +++ b/N1/1.txt 
@@ -12,27 +12,27 @@ Stefan Berger <"Stefan Bergerstefanb"@linux.vnet.ibm.com> writes: > Reading of extended attributes: > > 1a) Reading security.foo from a user namespace will read -> security.foo at uid=<uid> of the parent user namespace instead with uid +> security.foo(a)uid=<uid> of the parent user namespace instead with uid > being the mapping of root in that parent user namespace. An > exception is if root is mapped to uid 0 on the host, and in this case > we will read security.foo directly. -> --> reading security.foo will read security.foo at uid=1000 for uid +> --> reading security.foo will read security.foo(a)uid=1000 for uid > mapping of root to 1000. > -> 1b) If security.foo at uid=<uid> is not available, the security.foo of the +> 1b) If security.foo(a)uid=<uid> is not available, the security.foo of the > parent namespace is tried to be read. This procedure is repeated up to > the init user namespace. This step only applies for reading of extended > attributes and provides the same behavior as older system where the > host's extended attributes applied to user namespaces. > -> 2) All security.foo at uid=<uid> with valid uid mapping in the user namespace +> 2) All security.foo(a)uid=<uid> with valid uid mapping in the user namespace > can be read. The uid within the user namespace will be mapped to the > corresponding uid on the host and that uid will be used in the name of > the extended attribute. -> -> reading security.foo at uid=1 will read security.foo at uid=1001 for uid +> -> reading security.foo(a)uid=1 will read security.foo(a)uid=1001 for uid > mapping of root to 1000, size of at least 2. > -> All security.foo at uid=<uid> can be read (by root) on the host with values +> All security.foo(a)uid=<uid> can be read (by root) on the host with values > of <uid> also being subject to checking for valid mappings. > > 3) No other security.foo* can be read. 
@@ -44,8 +44,8 @@ Stefan Berger <"Stefan Bergerstefanb"@linux.vnet.ibm.com> writes: > to the user namespace that have a valid mapping. Besides that, names > of the extended attributes are adjusted to represent the mapping. > This means that if root is mapped to uid 1000 on the host, the -> security.foo at uid=1000 will be listed as security.foo in the user -> namespace, security.foo at uid=1001 becomes security.foo at uid=1 and so on. +> security.foo(a)uid=1000 will be listed as security.foo in the user +> namespace, security.foo(a)uid=1001 becomes security.foo(a)uid=1 and so on. > > Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com> > Signed-off-by: Serge Hallyn <serge@hallyn.com> @@ -64,7 +64,3 @@ While not completely insurmountable that seems like a strong limitation of this design. Eric --- -To unsubscribe from this list: send the line "unsubscribe linux-security-module" in -the body of a message to majordomo at vger.kernel.org -More majordomo info at http://vger.kernel.org/majordomo-info.html diff --git a/a/content_digest b/N1/content_digest index 8226ab3..f3afc8a 100644 --- a/a/content_digest +++ b/N1/content_digest @@ -1,10 +1,9 @@ - "ref\01499785511-17192-1-git-send-email-stefanb@linux.vnet.ibm.com\0" "ref\01499785511-17192-2-git-send-email-stefanb@linux.vnet.ibm.com\0" - "From\0ebiederm@xmission.com (Eric W. Biederman)\0" - "Subject\0[PATCH v2] xattr: Enable security.capability in user namespaces\0" + "From\0Eric W. Biederman <ebiederm@xmission.com>\0" + "Subject\0Re: [PATCH v2] xattr: Enable security.capability in user namespaces\0" "Date\0Fri, 14 Jul 2017 18:41:39 -0500\0" - "To\0linux-security-module@vger.kernel.org\0" - "\00:1\0" + "To\0lkp@lists.01.org\0" + "\01:1\0" "b\0" "Stefan Berger <\"Stefan Bergerstefanb\"@linux.vnet.ibm.com> writes:\n" "\n" 
@@ -20,27 +19,27 @@ "> Reading of extended attributes:\n" ">\n" "> 1a) Reading security.foo from a user namespace will read\n" - "> security.foo at uid=<uid> of the parent user namespace instead with uid\n" + "> security.foo(a)uid=<uid> of the parent user namespace instead with uid\n" "> being the mapping of root in that parent user namespace. An\n" "> exception is if root is mapped to uid 0 on the host, and in this case\n" "> we will read security.foo directly.\n" - "> --> reading security.foo will read security.foo at uid=1000 for uid\n" + "> --> reading security.foo will read security.foo(a)uid=1000 for uid\n" "> mapping of root to 1000.\n" ">\n" - "> 1b) If security.foo at uid=<uid> is not available, the security.foo of the\n" + "> 1b) If security.foo(a)uid=<uid> is not available, the security.foo of the\n" "> parent namespace is tried to be read. This procedure is repeated up to\n" "> the init user namespace. This step only applies for reading of extended\n" "> attributes and provides the same behavior as older system where the\n" "> host's extended attributes applied to user namespaces.\n" ">\n" - "> 2) All security.foo at uid=<uid> with valid uid mapping in the user namespace\n" + "> 2) All security.foo(a)uid=<uid> with valid uid mapping in the user namespace\n" "> can be read. The uid within the user namespace will be mapped to the\n" "> corresponding uid on the host and that uid will be used in the name of\n" "> the extended attribute.\n" - "> -> reading security.foo at uid=1 will read security.foo at uid=1001 for uid\n" + "> -> reading security.foo(a)uid=1 will read security.foo(a)uid=1001 for uid\n" "> mapping of root to 1000, size of at least 2.\n" ">\n" - "> All security.foo at uid=<uid> can be read (by root) on the host with values\n" + "> All security.foo(a)uid=<uid> can be read (by root) on the host with values\n" "> of <uid> also being subject to checking for valid mappings.\n" ">\n" "> 3) No other security.foo* can be read.\n" 
@@ -52,8 +51,8 @@ "> to the user namespace that have a valid mapping. Besides that, names\n" "> of the extended attributes are adjusted to represent the mapping.\n" "> This means that if root is mapped to uid 1000 on the host, the\n" - "> security.foo at uid=1000 will be listed as security.foo in the user\n" - "> namespace, security.foo at uid=1001 becomes security.foo at uid=1 and so on.\n" + "> security.foo(a)uid=1000 will be listed as security.foo in the user\n" + "> namespace, security.foo(a)uid=1001 becomes security.foo(a)uid=1 and so on.\n" ">\n" "> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>\n" "> Signed-off-by: Serge Hallyn <serge@hallyn.com>\n" @@ -71,10 +70,6 @@ "While not completely insurmountable that seems like a strong limitation of\n" "this design.\n" "\n" - "Eric\n" - "--\n" - "To unsubscribe from this list: send the line \"unsubscribe linux-security-module\" in\n" - "the body of a message to majordomo at vger.kernel.org\n" - More majordomo info at http://vger.kernel.org/majordomo-info.html + Eric -99957a6579e731e769382a89787a97697dbef8673cfa32b07f4e08f0a9ce3b7b +b36e18ae768ede7faa341b07eabbd0b464d32eed5bc4f78eb6b3df497375f0c3
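Review bot: In the a/1.txt hunks the only body change is the separator inside the xattr name, `security.foo at uid=<uid>` becoming `security.foo(a)uid=<uid>`; both are the same kind of mailbox-address mangling that left `majordomo at vger.kernel.org` in the removed trailer, so neither spelling should be read as the attribute name the patch actually defines. The content_digest hunk shows why the two copies fail to deduplicate: the From header is re-encoded as `Eric W. Biederman <ebiederm@xmission.com>`, the Subject regains its `Re:` prefix, and the To header is rewritten to `lkp@lists.01.org`, each of which feeds the digest on the final line.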
diff --git a/a/1.txt b/N2/1.txt index 943e596..e380364 100644 --- a/a/1.txt +++ b/N2/1.txt @@ -12,27 +12,27 @@ Stefan Berger <"Stefan Bergerstefanb"@linux.vnet.ibm.com> writes: > Reading of extended attributes: > > 1a) Reading security.foo from a user namespace will read -> security.foo at uid=<uid> of the parent user namespace instead with uid +> security.foo@uid=<uid> of the parent user namespace instead with uid > being the mapping of root in that parent user namespace. An > exception is if root is mapped to uid 0 on the host, and in this case > we will read security.foo directly. -> --> reading security.foo will read security.foo at uid=1000 for uid +> --> reading security.foo will read security.foo@uid=1000 for uid > mapping of root to 1000. > -> 1b) If security.foo at uid=<uid> is not available, the security.foo of the +> 1b) If security.foo@uid=<uid> is not available, the security.foo of the > parent namespace is tried to be read. This procedure is repeated up to > the init user namespace. This step only applies for reading of extended > attributes and provides the same behavior as older system where the > host's extended attributes applied to user namespaces. > -> 2) All security.foo at uid=<uid> with valid uid mapping in the user namespace +> 2) All security.foo@uid=<uid> with valid uid mapping in the user namespace > can be read. The uid within the user namespace will be mapped to the > corresponding uid on the host and that uid will be used in the name of > the extended attribute. -> -> reading security.foo at uid=1 will read security.foo at uid=1001 for uid +> -> reading security.foo@uid=1 will read security.foo@uid=1001 for uid > mapping of root to 1000, size of at least 2. > -> All security.foo at uid=<uid> can be read (by root) on the host with values +> All security.foo@uid=<uid> can be read (by root) on the host with values > of <uid> also being subject to checking for valid mappings. > > 3) No other security.foo* can be read. 
@@ -44,8 +44,8 @@ Stefan Berger <"Stefan Bergerstefanb"@linux.vnet.ibm.com> writes: > to the user namespace that have a valid mapping. Besides that, names > of the extended attributes are adjusted to represent the mapping. > This means that if root is mapped to uid 1000 on the host, the -> security.foo at uid=1000 will be listed as security.foo in the user -> namespace, security.foo at uid=1001 becomes security.foo at uid=1 and so on. +> security.foo@uid=1000 will be listed as security.foo in the user +> namespace, security.foo@uid=1001 becomes security.foo@uid=1 and so on. > > Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com> > Signed-off-by: Serge Hallyn <serge@hallyn.com> @@ -64,7 +64,3 @@ While not completely insurmountable that seems like a strong limitation of this design. Eric --- -To unsubscribe from this list: send the line "unsubscribe linux-security-module" in -the body of a message to majordomo at vger.kernel.org -More majordomo info at http://vger.kernel.org/majordomo-info.html diff --git a/a/content_digest b/N2/content_digest index 8226ab3..a29716d 100644 --- a/a/content_digest +++ b/N2/content_digest 
@@ -1,9 +1,22 @@ "ref\01499785511-17192-1-git-send-email-stefanb@linux.vnet.ibm.com\0" "ref\01499785511-17192-2-git-send-email-stefanb@linux.vnet.ibm.com\0" "From\0ebiederm@xmission.com (Eric W. Biederman)\0" - "Subject\0[PATCH v2] xattr: Enable security.capability in user namespaces\0" + "Subject\0Re: [PATCH v2] xattr: Enable security.capability in user namespaces\0" "Date\0Fri, 14 Jul 2017 18:41:39 -0500\0" - "To\0linux-security-module@vger.kernel.org\0" + "To\0Stefan Berger <stefanb@linux.vnet.ibm.com>\0" + "Cc\0containers@lists.linux-foundation.org" + lkp@01.org + linux-kernel@vger.kernel.org + zohar@linux.vnet.ibm.com + tycho@docker.com + serge@hallyn.com + James.Bottomley@hansenpartnership.com + vgoyal@redhat.com + christian.brauner@mailbox.org + amir73il@gmail.com + linux-security-module@vger.kernel.org + casey@schaufler-ca.com + " Stefan Berger <stefanb@linux.vnet.ibm.com>\0" "\00:1\0" "b\0" "Stefan Berger <\"Stefan Bergerstefanb\"@linux.vnet.ibm.com> writes:\n" 
@@ -20,27 +33,27 @@ "> Reading of extended attributes:\n" ">\n" "> 1a) Reading security.foo from a user namespace will read\n" - "> security.foo at uid=<uid> of the parent user namespace instead with uid\n" + "> security.foo@uid=<uid> of the parent user namespace instead with uid\n" "> being the mapping of root in that parent user namespace. An\n" "> exception is if root is mapped to uid 0 on the host, and in this case\n" "> we will read security.foo directly.\n" - "> --> reading security.foo will read security.foo at uid=1000 for uid\n" + "> --> reading security.foo will read security.foo@uid=1000 for uid\n" "> mapping of root to 1000.\n" ">\n" - "> 1b) If security.foo at uid=<uid> is not available, the security.foo of the\n" + "> 1b) If security.foo@uid=<uid> is not available, the security.foo of the\n" "> parent namespace is tried to be read. This procedure is repeated up to\n" "> the init user namespace. This step only applies for reading of extended\n" "> attributes and provides the same behavior as older system where the\n" "> host's extended attributes applied to user namespaces.\n" ">\n" - "> 2) All security.foo at uid=<uid> with valid uid mapping in the user namespace\n" + "> 2) All security.foo@uid=<uid> with valid uid mapping in the user namespace\n" "> can be read. The uid within the user namespace will be mapped to the\n" "> corresponding uid on the host and that uid will be used in the name of\n" "> the extended attribute.\n" - "> -> reading security.foo at uid=1 will read security.foo at uid=1001 for uid\n" + "> -> reading security.foo@uid=1 will read security.foo@uid=1001 for uid\n" "> mapping of root to 1000, size of at least 2.\n" ">\n" - "> All security.foo at uid=<uid> can be read (by root) on the host with values\n" + "> All security.foo@uid=<uid> can be read (by root) on the host with values\n" "> of <uid> also being subject to checking for valid mappings.\n" ">\n" "> 3) No other security.foo* can be read.\n" 
@@ -52,8 +65,8 @@ "> to the user namespace that have a valid mapping. Besides that, names\n" "> of the extended attributes are adjusted to represent the mapping.\n" "> This means that if root is mapped to uid 1000 on the host, the\n" - "> security.foo at uid=1000 will be listed as security.foo in the user\n" - "> namespace, security.foo at uid=1001 becomes security.foo at uid=1 and so on.\n" + "> security.foo@uid=1000 will be listed as security.foo in the user\n" + "> namespace, security.foo@uid=1001 becomes security.foo@uid=1 and so on.\n" ">\n" "> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>\n" "> Signed-off-by: Serge Hallyn <serge@hallyn.com>\n" @@ -71,10 +84,6 @@ "While not completely insurmountable that seems like a strong limitation of\n" "this design.\n" "\n" - "Eric\n" - "--\n" - "To unsubscribe from this list: send the line \"unsubscribe linux-security-module\" in\n" - "the body of a message to majordomo at vger.kernel.org\n" - More majordomo info at http://vger.kernel.org/majordomo-info.html + Eric -99957a6579e731e769382a89787a97697dbef8673cfa32b07f4e08f0a9ce3b7b +516185c08c07a8ccaffb24b5e5a9268b10f697f0aec4bf2a903d7fc60df0d961
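Review bot: The N2 copy is the one to consult for the attribute naming: its a/1.txt hunks restore the `@` separator, `security.foo@uid=<uid>`, which is the form the quoted examples depend on (`security.foo@uid=1000` listed as `security.foo` inside a namespace whose root maps to host uid 1000, `security.foo@uid=1001` as `security.foo@uid=1`). Its content_digest hunk differs from N1 in keeping the original `ebiederm@xmission.com (Eric W. Biederman)` From encoding and the full Cc list, so the three copies disagree only in header encoding and address mangling; Eric's own text, `While not completely insurmountable that seems like a strong limitation of this design.`, is identical in all of them, and the `Subject` gaining `Re:` in both duplicates marks the base copy's header as the inconsistent one for a message that is a reply.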