diff for duplicates of <87pod22a4x.fsf@xmission.com>

All of lore.kernel.org
 help / color / mirror / Atom feed

diff for duplicates of <87pod22a4x.fsf@xmission.com>

diff --git a/a/1.txt b/N1/1.txt
index 1866b6b..10b226c 100644
--- a/a/1.txt
+++ b/N1/1.txt
@@ -1,17 +1,17 @@
-Stefan Berger <stefanb-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org> writes:
+Stefan Berger <stefanb@linux.vnet.ibm.com> writes:
 
 > On 07/14/2017 09:34 AM, Serge E. Hallyn wrote:
->> Quoting Stefan Berger (stefanb-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org):
+>> Quoting Stefan Berger (stefanb at linux.vnet.ibm.com):
 >>> On 07/13/2017 08:38 PM, Eric W. Biederman wrote:
->>>> Stefan Berger <stefanb-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org> writes:
+>>>> Stefan Berger <stefanb@linux.vnet.ibm.com> writes:
 >>>>
 >>>>> On 07/13/2017 01:49 PM, Eric W. Biederman wrote:
 >>>>>
 >>>>>> My big question right now is can you implement Ted's suggested
->>>>>> restriction.  Only one security.foo or secuirty.foo@... attribute ?
+>>>>>> restriction.  Only one security.foo or secuirty.foo at ... attribute ?
 >>>>> We need to raw-list the xattrs and do the check before writing them. I am fairly sure this can be done.
 >>>>>
->>>>> So now you want to allow security.foo and one security.foo@uid=<> or just a single one security.foo(@[[:print:]]*)?
+>>>>> So now you want to allow security.foo and one security.foo at uid=<> or just a single one security.foo(@[[:print:]]*)?
 >>>>>
 >>>> The latter.
 >>> That case would prevent a container user from overriding the xattr
@@ -27,7 +27,7 @@ Stefan Berger <stefanb-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org> writes
 > that container. How would I do that ? Would I need to get rid of security.ima
 > first, possibly by copying each file, deleting the original file, and renaming
 > the copied file to the original name, or should I just be able to write out a
-> new signature, thus creating security.ima@uid=1000 besides the security.ima ?
+> new signature, thus creating security.ima at uid=1000 besides the security.ima ?
 
 This gets us into some interesting territory, where the semantics of
 these attributes matters.
@@ -46,3 +46,7 @@ what those rules should be.
 That may be enough that we can not share code between these two cases.
 
 Eric
+--
+To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
+the body of a message to majordomo at vger.kernel.org
+More majordomo info at  http://vger.kernel.org/majordomo-info.html
diff --git a/a/content_digest b/N1/content_digest
index ffd061b..33aa26f 100644
--- a/a/content_digest
+++ b/N1/content_digest
@@ -10,35 +10,26 @@
  "ref\065dbe654-0d99-03fa-c838-5a726b462826@linux.vnet.ibm.com\0"
  "ref\020170714133437.GA16737@mail.hallyn.com\0"
  "ref\0596f808b-e21d-8296-5fef-23c1ce7ab778@linux.vnet.ibm.com\0"
- "ref\0596f808b-e21d-8296-5fef-23c1ce7ab778-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org\0"
- "From\0ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org (Eric W. Biederman)\0"
- "Subject\0Re: [PATCH v2] xattr: Enable security.capability in user namespaces\0"
+ "From\0ebiederm@xmission.com (Eric W. Biederman)\0"
+ "Subject\0[PATCH v2] xattr: Enable security.capability in user namespaces\0"
  "Date\0Fri, 14 Jul 2017 12:36:46 -0500\0"
- "To\0Stefan Berger <stefanb-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>\0"
- "Cc\0Theodore Ts'o <tytso-3s7WtUTddSA@public.gmane.org>"
-  zohar-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org
-  containers-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org
-  linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
-  James.Bottomley-d9PhHud1JfjCXq6kfMZ53/egYHeGw8Jk@public.gmane.org
-  linux-security-module-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
-  casey-iSGtlc1asvQWG2LlvL+J4A@public.gmane.org
- " lkp-JC7UmRfGjtg@public.gmane.org\0"
+ "To\0linux-security-module@vger.kernel.org\0"
  "\00:1\0"
  "b\0"
- "Stefan Berger <stefanb-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org> writes:\n"
+ "Stefan Berger <stefanb@linux.vnet.ibm.com> writes:\n"
  "\n"
  "> On 07/14/2017 09:34 AM, Serge E. Hallyn wrote:\n"
- ">> Quoting Stefan Berger (stefanb-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org):\n"
+ ">> Quoting Stefan Berger (stefanb at linux.vnet.ibm.com):\n"
  ">>> On 07/13/2017 08:38 PM, Eric W. Biederman wrote:\n"
- ">>>> Stefan Berger <stefanb-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org> writes:\n"
+ ">>>> Stefan Berger <stefanb@linux.vnet.ibm.com> writes:\n"
  ">>>>\n"
  ">>>>> On 07/13/2017 01:49 PM, Eric W. Biederman wrote:\n"
  ">>>>>\n"
  ">>>>>> My big question right now is can you implement Ted's suggested\n"
- ">>>>>> restriction.  Only one security.foo or secuirty.foo@... attribute ?\n"
+ ">>>>>> restriction.  Only one security.foo or secuirty.foo at ... attribute ?\n"
  ">>>>> We need to raw-list the xattrs and do the check before writing them. I am fairly sure this can be done.\n"
  ">>>>>\n"
- ">>>>> So now you want to allow security.foo and one security.foo@uid=<> or just a single one security.foo(@[[:print:]]*)?\n"
+ ">>>>> So now you want to allow security.foo and one security.foo at uid=<> or just a single one security.foo(@[[:print:]]*)?\n"
  ">>>>>\n"
  ">>>> The latter.\n"
  ">>> That case would prevent a container user from overriding the xattr\n"
@@ -54,7 +45,7 @@
  "> that container. How would I do that ? Would I need to get rid of security.ima\n"
  "> first, possibly by copying each file, deleting the original file, and renaming\n"
  "> the copied file to the original name, or should I just be able to write out a\n"
- "> new signature, thus creating security.ima@uid=1000 besides the security.ima ?\n"
+ "> new signature, thus creating security.ima at uid=1000 besides the security.ima ?\n"
  "\n"
  "This gets us into some interesting territory, where the semantics of\n"
  "these attributes matters.\n"
@@ -72,6 +63,10 @@
  "\n"
  "That may be enough that we can not share code between these two cases.\n"
  "\n"
- Eric
+ "Eric\n"
+ "--\n"
+ "To unsubscribe from this list: send the line \"unsubscribe linux-security-module\" in\n"
+ "the body of a message to majordomo at vger.kernel.org\n"
+ More majordomo info at  http://vger.kernel.org/majordomo-info.html
 
-36882ae9618260c25072b5e5144032d0817618a2ff49dc49513521caf39a0d91
+fb1258de44de75306e9e9d662b74746001ab6923e5f1467ad39ba3b7a58c28f9

diff --git a/a/1.txt b/N2/1.txt
index 1866b6b..81f7bce 100644
--- a/a/1.txt
+++ b/N2/1.txt
@@ -1,17 +1,17 @@
-Stefan Berger <stefanb-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org> writes:
+Stefan Berger <stefanb@linux.vnet.ibm.com> writes:
 
 > On 07/14/2017 09:34 AM, Serge E. Hallyn wrote:
->> Quoting Stefan Berger (stefanb-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org):
+>> Quoting Stefan Berger (stefanb(a)linux.vnet.ibm.com):
 >>> On 07/13/2017 08:38 PM, Eric W. Biederman wrote:
->>>> Stefan Berger <stefanb-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org> writes:
+>>>> Stefan Berger <stefanb@linux.vnet.ibm.com> writes:
 >>>>
 >>>>> On 07/13/2017 01:49 PM, Eric W. Biederman wrote:
 >>>>>
 >>>>>> My big question right now is can you implement Ted's suggested
->>>>>> restriction.  Only one security.foo or secuirty.foo@... attribute ?
+>>>>>> restriction.  Only one security.foo or secuirty.foo(a)... attribute ?
 >>>>> We need to raw-list the xattrs and do the check before writing them. I am fairly sure this can be done.
 >>>>>
->>>>> So now you want to allow security.foo and one security.foo@uid=<> or just a single one security.foo(@[[:print:]]*)?
+>>>>> So now you want to allow security.foo and one security.foo(a)uid=<> or just a single one security.foo(@[[:print:]]*)?
 >>>>>
 >>>> The latter.
 >>> That case would prevent a container user from overriding the xattr
@@ -27,7 +27,7 @@ Stefan Berger <stefanb-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org> writes
 > that container. How would I do that ? Would I need to get rid of security.ima
 > first, possibly by copying each file, deleting the original file, and renaming
 > the copied file to the original name, or should I just be able to write out a
-> new signature, thus creating security.ima@uid=1000 besides the security.ima ?
+> new signature, thus creating security.ima(a)uid=1000 besides the security.ima ?
 
 This gets us into some interesting territory, where the semantics of
 these attributes matters.
diff --git a/a/content_digest b/N2/content_digest
index ffd061b..ce538f1 100644
--- a/a/content_digest
+++ b/N2/content_digest
@@ -1,44 +1,24 @@
- "ref\074664cc8-bc3e-75d6-5892-f8934404349f@linux.vnet.ibm.com\0"
- "ref\020170713011554.xwmrgkzfwnibvgcu@thunk.org\0"
- "ref\087y3rscz9j.fsf@xmission.com\0"
- "ref\020170713164012.brj2flnkaaks2oci@thunk.org\0"
- "ref\087k23cb6os.fsf@xmission.com\0"
- "ref\0847ccb2a-30c0-a94c-df6f-091c8901eaa0@linux.vnet.ibm.com\0"
- "ref\087bmoo8bxb.fsf@xmission.com\0"
- "ref\09a3010e5-ca2b-5e7a-656b-fcc14f7bec4e@linux.vnet.ibm.com\0"
- "ref\087h8yf7szd.fsf@xmission.com\0"
- "ref\065dbe654-0d99-03fa-c838-5a726b462826@linux.vnet.ibm.com\0"
- "ref\020170714133437.GA16737@mail.hallyn.com\0"
  "ref\0596f808b-e21d-8296-5fef-23c1ce7ab778@linux.vnet.ibm.com\0"
- "ref\0596f808b-e21d-8296-5fef-23c1ce7ab778-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org\0"
- "From\0ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org (Eric W. Biederman)\0"
+ "From\0Eric W. Biederman <ebiederm@xmission.com>\0"
  "Subject\0Re: [PATCH v2] xattr: Enable security.capability in user namespaces\0"
  "Date\0Fri, 14 Jul 2017 12:36:46 -0500\0"
- "To\0Stefan Berger <stefanb-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>\0"
- "Cc\0Theodore Ts'o <tytso-3s7WtUTddSA@public.gmane.org>"
-  zohar-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org
-  containers-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org
-  linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
-  James.Bottomley-d9PhHud1JfjCXq6kfMZ53/egYHeGw8Jk@public.gmane.org
-  linux-security-module-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
-  casey-iSGtlc1asvQWG2LlvL+J4A@public.gmane.org
- " lkp-JC7UmRfGjtg@public.gmane.org\0"
- "\00:1\0"
+ "To\0lkp@lists.01.org\0"
+ "\01:1\0"
  "b\0"
- "Stefan Berger <stefanb-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org> writes:\n"
+ "Stefan Berger <stefanb@linux.vnet.ibm.com> writes:\n"
  "\n"
  "> On 07/14/2017 09:34 AM, Serge E. Hallyn wrote:\n"
- ">> Quoting Stefan Berger (stefanb-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org):\n"
+ ">> Quoting Stefan Berger (stefanb(a)linux.vnet.ibm.com):\n"
  ">>> On 07/13/2017 08:38 PM, Eric W. Biederman wrote:\n"
- ">>>> Stefan Berger <stefanb-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org> writes:\n"
+ ">>>> Stefan Berger <stefanb@linux.vnet.ibm.com> writes:\n"
  ">>>>\n"
  ">>>>> On 07/13/2017 01:49 PM, Eric W. Biederman wrote:\n"
  ">>>>>\n"
  ">>>>>> My big question right now is can you implement Ted's suggested\n"
- ">>>>>> restriction.  Only one security.foo or secuirty.foo@... attribute ?\n"
+ ">>>>>> restriction.  Only one security.foo or secuirty.foo(a)... attribute ?\n"
  ">>>>> We need to raw-list the xattrs and do the check before writing them. I am fairly sure this can be done.\n"
  ">>>>>\n"
- ">>>>> So now you want to allow security.foo and one security.foo@uid=<> or just a single one security.foo(@[[:print:]]*)?\n"
+ ">>>>> So now you want to allow security.foo and one security.foo(a)uid=<> or just a single one security.foo(@[[:print:]]*)?\n"
  ">>>>>\n"
  ">>>> The latter.\n"
  ">>> That case would prevent a container user from overriding the xattr\n"
@@ -54,7 +34,7 @@
  "> that container. How would I do that ? Would I need to get rid of security.ima\n"
  "> first, possibly by copying each file, deleting the original file, and renaming\n"
  "> the copied file to the original name, or should I just be able to write out a\n"
- "> new signature, thus creating security.ima@uid=1000 besides the security.ima ?\n"
+ "> new signature, thus creating security.ima(a)uid=1000 besides the security.ima ?\n"
  "\n"
  "This gets us into some interesting territory, where the semantics of\n"
  "these attributes matters.\n"
@@ -74,4 +54,4 @@
  "\n"
  Eric
 
-36882ae9618260c25072b5e5144032d0817618a2ff49dc49513521caf39a0d91
+168304e7703bc559efb844bf52ce311fbe77a743aaebc02f8aa1588fd4765a41

diff --git a/a/1.txt b/N3/1.txt
index 1866b6b..ed3f400 100644
--- a/a/1.txt
+++ b/N3/1.txt
@@ -1,9 +1,9 @@
-Stefan Berger <stefanb-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org> writes:
+Stefan Berger <stefanb@linux.vnet.ibm.com> writes:
 
 > On 07/14/2017 09:34 AM, Serge E. Hallyn wrote:
->> Quoting Stefan Berger (stefanb-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org):
+>> Quoting Stefan Berger (stefanb@linux.vnet.ibm.com):
 >>> On 07/13/2017 08:38 PM, Eric W. Biederman wrote:
->>>> Stefan Berger <stefanb-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org> writes:
+>>>> Stefan Berger <stefanb@linux.vnet.ibm.com> writes:
 >>>>
 >>>>> On 07/13/2017 01:49 PM, Eric W. Biederman wrote:
 >>>>>
diff --git a/a/content_digest b/N3/content_digest
index ffd061b..0b17844 100644
--- a/a/content_digest
+++ b/N3/content_digest
@@ -10,27 +10,31 @@
  "ref\065dbe654-0d99-03fa-c838-5a726b462826@linux.vnet.ibm.com\0"
  "ref\020170714133437.GA16737@mail.hallyn.com\0"
  "ref\0596f808b-e21d-8296-5fef-23c1ce7ab778@linux.vnet.ibm.com\0"
- "ref\0596f808b-e21d-8296-5fef-23c1ce7ab778-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org\0"
- "From\0ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org (Eric W. Biederman)\0"
+ "From\0ebiederm@xmission.com (Eric W. Biederman)\0"
  "Subject\0Re: [PATCH v2] xattr: Enable security.capability in user namespaces\0"
  "Date\0Fri, 14 Jul 2017 12:36:46 -0500\0"
- "To\0Stefan Berger <stefanb-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>\0"
- "Cc\0Theodore Ts'o <tytso-3s7WtUTddSA@public.gmane.org>"
-  zohar-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org
-  containers-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org
-  linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
-  James.Bottomley-d9PhHud1JfjCXq6kfMZ53/egYHeGw8Jk@public.gmane.org
-  linux-security-module-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
-  casey-iSGtlc1asvQWG2LlvL+J4A@public.gmane.org
- " lkp-JC7UmRfGjtg@public.gmane.org\0"
+ "To\0Stefan Berger <stefanb@linux.vnet.ibm.com>\0"
+ "Cc\0Serge E. Hallyn <serge@hallyn.com>"
+  Theodore Ts'o <tytso@mit.edu>
+  containers@lists.linux-foundation.org
+  lkp@01.org
+  linux-kernel@vger.kernel.org
+  zohar@linux.vnet.ibm.com
+  tycho@docker.com
+  James.Bottomley@hansenpartnership.com
+  vgoyal@redhat.com
+  christian.brauner@mailbox.org
+  amir73il@gmail.com
+  linux-security-module@vger.kernel.org
+ " casey@schaufler-ca.com\0"
  "\00:1\0"
  "b\0"
- "Stefan Berger <stefanb-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org> writes:\n"
+ "Stefan Berger <stefanb@linux.vnet.ibm.com> writes:\n"
  "\n"
  "> On 07/14/2017 09:34 AM, Serge E. Hallyn wrote:\n"
- ">> Quoting Stefan Berger (stefanb-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org):\n"
+ ">> Quoting Stefan Berger (stefanb@linux.vnet.ibm.com):\n"
  ">>> On 07/13/2017 08:38 PM, Eric W. Biederman wrote:\n"
- ">>>> Stefan Berger <stefanb-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org> writes:\n"
+ ">>>> Stefan Berger <stefanb@linux.vnet.ibm.com> writes:\n"
  ">>>>\n"
  ">>>>> On 07/13/2017 01:49 PM, Eric W. Biederman wrote:\n"
  ">>>>>\n"
@@ -74,4 +78,4 @@
  "\n"
  Eric
 
-36882ae9618260c25072b5e5144032d0817618a2ff49dc49513521caf39a0d91
+e4272feb9699d4a90a704f46acfc3b721170889041aeec30d44499e8c8c0f967

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.