diff for duplicates of <87shhtho07.fsf@xmission.com> diff --git a/a/1.txt b/N1/1.txt index 569780b..519a5b1 100644 --- a/a/1.txt +++ b/N1/1.txt @@ -41,8 +41,8 @@ Vivek Goyal <vgoyal@redhat.com> writes: >> > > > > xattrs so actually returned string will be smaller than size reported >> > > > > previously. >> > > > This case of size=0 is a problem in userns. Depending on the mapping of the ->> > > > userid's the list can expand. A security.foo at uid=100 can become ->> > > > security.foo at uid=100000, if the mapping is set up so that uid 100 on the +>> > > > userid's the list can expand. A security.foo(a)uid=100 can become +>> > > > security.foo(a)uid=100000, if the mapping is set up so that uid 100 on the >> > > > host becomes uid 100000 inside the container. So for now we only have >> > > > security.capability and the way I solved this is by allocating a 65k buffer >> > > > when calling from a userns. In this buffer where we gather the xattr names @@ -81,8 +81,3 @@ Vivek Goyal <vgoyal@redhat.com> writes: A valid reason to be leary of storing attributs in the xattrs. Eric - --- -To unsubscribe from this list: send the line "unsubscribe linux-security-module" in -the body of a message to majordomo at vger.kernel.org -More majordomo info at http://vger.kernel.org/majordomo-info.html diff --git a/a/content_digest b/N1/content_digest index f395c88..e8ae321 100644 --- a/a/content_digest +++ b/N1/content_digest @@ -1,16 +1,9 @@ - "ref\01499785511-17192-1-git-send-email-stefanb@linux.vnet.ibm.com\0" - "ref\01499785511-17192-2-git-send-email-stefanb@linux.vnet.ibm.com\0" - "ref\020170717185811.GC15794@redhat.com\0" - "ref\07a39e8a6-a33b-f6a8-3fd5-6211c075ab91@linux.vnet.ibm.com\0" - "ref\020170718114849.GA8233@redhat.com\0" - "ref\055971eea-fde2-439a-2fe5-d0ae5e80bc22@linux.vnet.ibm.com\0" - "ref\020170718123009.GB8233@redhat.com\0" "ref\020170718123603.GC8233@redhat.com\0" - "From\0ebiederm@xmission.com (Eric W. Biederman)\0" - "Subject\0[PATCH v2] xattr: Enable security.capability in user namespaces\0" + "From\0Eric W. Biederman <ebiederm@xmission.com>\0" + "Subject\0Re: [PATCH v2] xattr: Enable security.capability in user namespaces\0" "Date\0Tue, 18 Jul 2017 08:29:28 -0500\0" - "To\0linux-security-module@vger.kernel.org\0" - "\00:1\0" + "To\0lkp@lists.01.org\0" + "\01:1\0" "b\0" "Vivek Goyal <vgoyal@redhat.com> writes:\n" "\n" @@ -55,8 +48,8 @@ ">> > > > > xattrs so actually returned string will be smaller than size reported\n" ">> > > > > previously.\n" ">> > > > This case of size=0 is a problem in userns. Depending on the mapping of the\n" - ">> > > > userid's the list can expand. A security.foo at uid=100 can become\n" - ">> > > > security.foo at uid=100000, if the mapping is set up so that uid 100 on the\n" + ">> > > > userid's the list can expand. A security.foo(a)uid=100 can become\n" + ">> > > > security.foo(a)uid=100000, if the mapping is set up so that uid 100 on the\n" ">> > > > host becomes uid 100000 inside the container. So for now we only have\n" ">> > > > security.capability and the way I solved this is by allocating a 65k buffer\n" ">> > > > when calling from a userns. In this buffer where we gather the xattr names\n" @@ -94,11 +87,6 @@ "\n" "A valid reason to be leary of storing attributs in the xattrs.\n" "\n" - "Eric\n" - "\n" - "--\n" - "To unsubscribe from this list: send the line \"unsubscribe linux-security-module\" in\n" - "the body of a message to majordomo at vger.kernel.org\n" - More majordomo info at http://vger.kernel.org/majordomo-info.html + Eric -1c892566b41b6ac9fbd93c0c10a2a436715d33a64939d24d82e0aab15354bac4 +2d176ed4b8d136eadbcff63ba931dec8e83f04a5263eb32042111e246891f290
diff --git a/a/1.txt b/N2/1.txt index 569780b..9888269 100644 --- a/a/1.txt +++ b/N2/1.txt @@ -41,8 +41,8 @@ Vivek Goyal <vgoyal@redhat.com> writes: >> > > > > xattrs so actually returned string will be smaller than size reported >> > > > > previously. >> > > > This case of size=0 is a problem in userns. Depending on the mapping of the ->> > > > userid's the list can expand. A security.foo at uid=100 can become ->> > > > security.foo at uid=100000, if the mapping is set up so that uid 100 on the +>> > > > userid's the list can expand. A security.foo@uid=100 can become +>> > > > security.foo@uid=100000, if the mapping is set up so that uid 100 on the >> > > > host becomes uid 100000 inside the container. So for now we only have >> > > > security.capability and the way I solved this is by allocating a 65k buffer >> > > > when calling from a userns. In this buffer where we gather the xattr names @@ -81,8 +81,3 @@ Vivek Goyal <vgoyal@redhat.com> writes: A valid reason to be leary of storing attributs in the xattrs. Eric - --- -To unsubscribe from this list: send the line "unsubscribe linux-security-module" in -the body of a message to majordomo at vger.kernel.org -More majordomo info at http://vger.kernel.org/majordomo-info.html diff --git a/a/content_digest b/N2/content_digest index f395c88..3666a7f 100644 --- a/a/content_digest +++ b/N2/content_digest @@ -7,9 +7,22 @@ "ref\020170718123009.GB8233@redhat.com\0" "ref\020170718123603.GC8233@redhat.com\0" "From\0ebiederm@xmission.com (Eric W. Biederman)\0" - "Subject\0[PATCH v2] xattr: Enable security.capability in user namespaces\0" + "Subject\0Re: [PATCH v2] xattr: Enable security.capability in user namespaces\0" "Date\0Tue, 18 Jul 2017 08:29:28 -0500\0" - "To\0linux-security-module@vger.kernel.org\0" + "To\0Vivek Goyal <vgoyal@redhat.com>\0" + "Cc\0Stefan Berger <stefanb@linux.vnet.ibm.com>" + Stefan Berger <StefanBergerstefanb@linux.vnet.ibm.com> + containers@lists.linux-foundation.org + lkp@01.org + linux-kernel@vger.kernel.org + zohar@linux.vnet.ibm.com + tycho@docker.com + serge@hallyn.com + James.Bottomley@hansenpartnership.com + christian.brauner@mailbox.org + amir73il@gmail.com + linux-security-module@vger.kernel.org + " casey@schaufler-ca.com\0" "\00:1\0" "b\0" "Vivek Goyal <vgoyal@redhat.com> writes:\n" @@ -55,8 +68,8 @@ ">> > > > > xattrs so actually returned string will be smaller than size reported\n" ">> > > > > previously.\n" ">> > > > This case of size=0 is a problem in userns. Depending on the mapping of the\n" - ">> > > > userid's the list can expand. A security.foo at uid=100 can become\n" - ">> > > > security.foo at uid=100000, if the mapping is set up so that uid 100 on the\n" + ">> > > > userid's the list can expand. A security.foo@uid=100 can become\n" + ">> > > > security.foo@uid=100000, if the mapping is set up so that uid 100 on the\n" ">> > > > host becomes uid 100000 inside the container. So for now we only have\n" ">> > > > security.capability and the way I solved this is by allocating a 65k buffer\n" ">> > > > when calling from a userns. In this buffer where we gather the xattr names\n" @@ -94,11 +107,6 @@ "\n" "A valid reason to be leary of storing attributs in the xattrs.\n" "\n" - "Eric\n" - "\n" - "--\n" - "To unsubscribe from this list: send the line \"unsubscribe linux-security-module\" in\n" - "the body of a message to majordomo at vger.kernel.org\n" - More majordomo info at http://vger.kernel.org/majordomo-info.html + Eric -1c892566b41b6ac9fbd93c0c10a2a436715d33a64939d24d82e0aab15354bac4 +ad4ebc78f0972774ef252ed6a3c60e5cf662aa7db40be4004f669b1d2b52d708
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.