From mboxrd@z Thu Jan 1 00:00:00 1970
From: ebiederm@xmission.com (Eric W. Biederman)
Subject: Re: [REVIEW][PATCH 0/43] Completing the user namespace
Date: Tue, 10 Apr 2012 18:14:15 -0700
Message-ID:
References: <4F84838B.8000408@mit.edu>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Cc: Markus Gutschke, Will Drewry, Cyrill Gorcunov, linux-security-module@vger.kernel.org, Al Viro, linux-fsdevel@vger.kernel.org, Andrew Morton, Linus Torvalds
To: Andrew Lutomirski
Return-path:
In-Reply-To: (Andrew Lutomirski's message of "Tue, 10 Apr 2012 18:00:59 -0700")
Sender: linux-security-module-owner@vger.kernel.org
List-Id: linux-fsdevel.vger.kernel.org

Andrew Lutomirski writes:

> On Tue, Apr 10, 2012 at 6:01 PM, Eric W. Biederman wrote:
> Sounds like you're reinventing (something very similar to)
> no_new_privs. Why not just require no_new_privs as a prerequisite for
> creating a user namespace if you're unprivileged?

As I said in the part of my email you snipped, because no_new_privs will break suid exec in the user namespace.

I am most definitely not going to require something that will make implementing/using user namespaces almost pointless.

Eric
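The property the reply turns on is that no_new_privs is a one-way, inherited bit: once a task sets it, neither it nor any descendant (including one that later unshares into a user namespace) can clear it, and every execve() of a set-user-ID or file-capability binary in that subtree runs with the caller's credentials. The program below is an added example and not code from this thread or from the user-namespace patch series; it assumes Linux with prctl(2) support for PR_SET_NO_NEW_PRIVS / PR_GET_NO_NEW_PRIVS (Linux 3.5 and later), and the helper names (nnp_get, nnp_set, nnp_try_clear, nnp_in_child) and exit-code convention are the example's own.

```c
/* Added example (not from the mailing-list thread): no_new_privs semantics.
 * Assumes Linux >= 3.5 for the PR_*_NO_NEW_PRIVS prctl operations. */
#define _GNU_SOURCE
#include <errno.h>
#include <sched.h>
#include <stdio.h>
#include <sys/prctl.h>
#include <sys/wait.h>
#include <unistd.h>

/* Older headers may lack the constants; the values are the kernel's. */
#ifndef PR_SET_NO_NEW_PRIVS
#define PR_SET_NO_NEW_PRIVS 38
#define PR_GET_NO_NEW_PRIVS 39
#endif

/* 1 if the calling task has no_new_privs set, 0 if not, -1 on error. */
int nnp_get(void)
{
    return prctl(PR_GET_NO_NEW_PRIVS, 0, 0, 0, 0);
}

/* Set no_new_privs. The kernel accepts only arg2 == 1 with the rest zero. */
int nnp_set(void)
{
    return prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0);
}

/* Try to clear the bit. There is no clearing operation: the kernel rejects
 * arg2 == 0 with EINVAL. Returns 0 if (unexpectedly) cleared, else errno. */
int nnp_try_clear(void)
{
    if (prctl(PR_SET_NO_NEW_PRIVS, 0, 0, 0, 0) == 0)
        return 0;
    return errno;
}

/* Fork a child that optionally unshares into a fresh user namespace and then
 * reports its own no_new_privs state via its exit code (example convention):
 *   1 = set, 0 = clear, 2 = unshare(CLONE_NEWUSER) refused (e.g. EPERM inside a
 *   container or with unprivileged user namespaces disabled), 3 = prctl failed.
 * Returns the child's exit code, or -1 on fork/wait failure. */
int nnp_in_child(int new_userns)
{
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        if (new_userns && unshare(CLONE_NEWUSER) != 0)
            _exit(2);
        int v = nnp_get();
        _exit(v < 0 ? 3 : v);
    }
    int status;
    if (waitpid(pid, &status, 0) < 0)
        return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

int main(void)
{
    printf("before:                   no_new_privs=%d\n", nnp_get());
    if (nnp_set() != 0) {
        perror("PR_SET_NO_NEW_PRIVS");
        return 1;
    }
    printf("after:                    no_new_privs=%d\n", nnp_get());
    printf("clear attempt:            errno=%d (EINVAL=%d)\n", nnp_try_clear(), EINVAL);
    printf("inherited by child:       %d\n", nnp_in_child(0));
    printf("inside new user namespace: %d (2 = unshare refused here)\n", nnp_in_child(1));
    /* From this point on, execve() of any set-user-ID or file-capability
     * binary by this process or its descendants, inside or outside a user
     * namespace, keeps the caller's credentials. That is the "suid exec"
     * the reply says a no_new_privs prerequisite would break. */
    return 0;
}
```

Run it as an unprivileged user; the last line reports 2 rather than 1 where the sandbox does not permit unprivileged unshare(CLONE_NEWUSER), which is itself a useful check of the environment before reasoning about user-namespace behaviour.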