From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1753356AbbJSMgi (ORCPT <rfc822;w@1wt.eu>);
	Mon, 19 Oct 2015 08:36:38 -0400
Received: from smtp2-g21.free.fr ([212.27.42.2]:8833 "EHLO smtp2-g21.free.fr"
	rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
	id S1751881AbbJSMgg (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
	Mon, 19 Oct 2015 08:36:36 -0400
Message-ID: <1445258180.4099.18.camel@debian.org>
Subject: Re: [PATCH] userns/capability: Add user namespace capability
From: Yves-Alexis Perez <corsac@debian.org>
To: "Serge E. Hallyn" <serge@hallyn.com>, Tobias Markus <tobias@miglix.eu>
Cc: linux-kernel@vger.kernel.org, "Eric W. Biederman" <ebiederm@xmission.com>,
        Al Viro <viro@ZenIV.linux.org.uk>,
        Serge Hallyn <serge.hallyn@canonical.com>,
        Andrew Morton <akpm@linuxfoundation.org>,
        Andy Lutomirski <luto@amacapital.net>,
        Christoph Lameter <cl@linux.com>,
        "Michael Kerrisk (man-pages)" <mtk.manpages@gmail.com>,
        linux-security-module@vger.kernel.org, linux-api@vger.kernel.org,
        linux-man@vger.kernel.org,
        Richard Weinberger <richard.weinberger@gmail.com>
Date: Mon, 19 Oct 2015 14:36:20 +0200
In-Reply-To: <20151019014112.GA1683@mail.hallyn.com>
References: <5622700C.9090107@miglix.eu>
	 <20151017215501.GA22900@mail.hallyn.com> <5623FD82.4030902@miglix.eu>
	 <20151019014112.GA1683@mail.hallyn.com>
Content-Type: multipart/signed; micalg="pgp-sha256";
	protocol="application/pgp-signature"; boundary="=-gOR4fNwQbzesgmfVswB5"
X-Mailer: Evolution 3.18.0-2+b1 
Mime-Version: 1.0
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org


--=-gOR4fNwQbzesgmfVswB5
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

On dim., 2015-10-18 at 20:41 -0500, Serge E. Hallyn wrote:
> We shouldn't need a long-term solution.=C2=A0 Your concern is bugs.=C2=A0=
 After
> some time surely we'll feel that we have achieved a stable solution?

But this is actually the whole point: we need a long term solution, because
they will always be bug, whether in user namespaces or in others parts expo=
sed
by user namespaces. It's fine to fix them when we find them, but that still
means they're exploitable even before we know about them. We still find bug=
s
in code written years ago, it's quite certain there are bugs in current cod=
e.

User namespaces are a way to expose more interfaces to unprivileged users,
interfaces which weren't designed to be exposed like that. In a way that's =
the
opposite of seccomp. That doesn't make it bad, obviously, but that still me=
ans
having a way to control it finely could be helpful.

Regards,
--=20

Yves-Alexis

--=-gOR4fNwQbzesgmfVswB5
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: This is a digitally signed message part

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQEcBAABCAAGBQJWJOPEAAoJEG3bU/KmdcClp28IAJziqz7PCmIj1SFP2JqYe+vS
twNOuCbLHY1/TglrscbGbgroanDpJ7Mi6LEZIVWrrtqw5DnV7YF+nqa4EP+r8s0t
knTo6RXxQ/jj7pF+2vtNtjNdZhE5cu8PMsVGe236N/tTKzOQu+bBD9T7avKowW3f
WCBQsA1iIsFIvwmUoOMkBDXrSGqJICfDrInp4xx5rBtSqxKRSt0M78xfrOEV36Ug
isudYr4s1zndOUSzaAiI7O4bY8mG9tVAcBm+uZSwVkLSzTasfHQAaSvdoaK7in/A
bV91+6TPsie9cfbcPdp+pqYlj5Ybqp++1tiL/OMVGMLAPik5oL8sC8cBCeMqQCI=
=wNaw
-----END PGP SIGNATURE-----

--=-gOR4fNwQbzesgmfVswB5--