user namespaces: require cap_set{ug}id for CLONE_NEWUSER - kernel

diff options

author	Serge E. Hallyn <[email protected]>	2008-12-03 19:17:33 +0000
committer	James Morris <[email protected]>	2008-12-07 22:16:27 +0000
commit	7657d90497f98426af17f0ac633a9b335bb7a8fb (patch)
tree	6344dc4715a85383f6492a4102ae406c6b86d79d /net/unix/af_unix.c
parent	user namespaces: let user_ns be cloned with fairsched (diff)
download	kernel-7657d90497f98426af17f0ac633a9b335bb7a8fb.tar.gz kernel-7657d90497f98426af17f0ac633a9b335bb7a8fb.zip

user namespaces: require cap_set{ug}id for CLONE_NEWUSER

While ideally CLONE_NEWUSER will eventually require no privilege, the required permission checks are currently not there. As a result, CLONE_NEWUSER has the same effect as a setuid(0)+setgroups(1,"0"). While we already require CAP_SYS_ADMIN, requiring CAP_SETUID and CAP_SETGID seems appropriate. Signed-off-by: Serge E. Hallyn <[email protected]> Acked-by: "Eric W. Biederman" <[email protected]> Signed-off-by: James Morris <[email protected]>

Diffstat (limited to 'net/unix/af_unix.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: