From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mx2.suse.de ([195.135.220.15]:44037 "EHLO mx2.suse.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S932110AbcGDIw3 (ORCPT ); Mon, 4 Jul 2016 04:52:29 -0400 Date: Mon, 4 Jul 2016 10:52:20 +0200 From: Jan Kara To: "Eric W. Biederman" Cc: Seth Forshee , Linux Containers , linux-fsdevel@vger.kernel.org, Linux API , James Bottomley , Djalal Harouni , "Serge E. Hallyn" , Andy Lutomirski , Jan Kara , Jann Horn , Michael Kerrisk Subject: Re: [PATCH review 0/11] General unprivileged mount support Message-ID: <20160704085220.GC5200@quack2.suse.cz> References: <87ziq03qnj.fsf@x220.int.ebiederm.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <87ziq03qnj.fsf@x220.int.ebiederm.org> Sender: linux-fsdevel-owner@vger.kernel.org List-ID: On Sat 02-07-16 12:18:08, Eric W. Biederman wrote: > > As well as in these patches the code is also available from: > git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace.git for-testing > > It has been a long time in coming but recently in the userns tree the > superblock has been expanded with a s_user_ns field indicating the user > namespace that owns a superblock. > > The s_user_ns owner of a superblock has three implications. > - Only kuids and kgids that map into s_user_ns are allowed to be sent to a > filesystem from the vfs. > - If the uid or gid on the filesystem does not map into s_user_ns i_uid > is set to INVALID_UID and i_gid is set to INVALID_GID. > - The scope of permission checks can be changed from global to a > capabilitiy check in s_user_ns. OK, to check that I understand it right: So the uids and gids that are stored on disk are still expected to be in the initial id namespace, aren't they? Honza -- Jan Kara SUSE Labs, CR