From mboxrd@z Thu Jan 1 00:00:00 1970
Return-Path:
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753253AbbJSMsc (ORCPT ); Mon, 19 Oct 2015 08:48:32 -0400
Received: from a.ns.miles-group.at ([95.130.255.143]:11951 "EHLO radon.swed.at" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752688AbbJSMsJ (ORCPT ); Mon, 19 Oct 2015 08:48:09 -0400
Subject: Re: [PATCH] userns/capability: Add user namespace capability
To: Yves-Alexis Perez , "Serge E. Hallyn" , Tobias Markus
References: <5622700C.9090107@miglix.eu> <20151017215501.GA22900@mail.hallyn.com> <5623FD82.4030902@miglix.eu> <20151019014112.GA1683@mail.hallyn.com> <1445258180.4099.18.camel@debian.org>
Cc: linux-kernel@vger.kernel.org, "Eric W. Biederman" , Al Viro , Serge Hallyn , Andrew Morton , Andy Lutomirski , Christoph Lameter , "Michael Kerrisk (man-pages)" , linux-security-module@vger.kernel.org, linux-api@vger.kernel.org, linux-man@vger.kernel.org, Richard Weinberger
From: Richard Weinberger
Message-ID: <5624E684.8000302@nod.at>
Date: Mon, 19 Oct 2015 14:48:04 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.3.0
MIME-Version: 1.0
In-Reply-To: <1445258180.4099.18.camel@debian.org>
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
Sender: linux-kernel-owner@vger.kernel.org
List-ID:
X-Mailing-List: linux-kernel@vger.kernel.org

On 19.10.2015 at 14:36, Yves-Alexis Perez wrote:
> On Sun., 2015-10-18 at 20:41 -0500, Serge E. Hallyn wrote:
>> We shouldn't need a long-term solution. Your concern is bugs. After
>> some time surely we'll feel that we have achieved a stable solution?
>
> But this is actually the whole point: we need a long-term solution, because
> there will always be bugs, whether in user namespaces or in other parts exposed
> by user namespaces. It's fine to fix them when we find them, but that still
> means they're exploitable even before we know about them. We still find bugs
> in code written years ago; it's quite certain there are bugs in current code.

You can replace the term "user namespace" with any other non-trivial kernel subsystem.
There will always be bugs.

Thanks,
//richard