[PATCH 1/1] RFC: taking a crack at targeted capabilities
Eric W. Biederman
ebiederm at xmission.com
Wed Jan 6 08:56:42 PST 2010
"Serge E. Hallyn" <serue at us.ibm.com> writes:
> So I was thinking about how to safely but incrementally introduce
> targeted capabilities - which we decided was a prereq to making VFS
> handle user namespaces - and the following seemed doable. My main
> motivations were (in order):
>
> 1. don't make any unconverted capable() checks unsafe
> 2. minimize performance impact on non-container case
> 3. minimize performance impact on containers
My motivation is a bit different. I would like to get to the
unprivileged creation of new namespaces. It looks like this gets us
90% of the way there, with only potential uid confusion issues left.
I still need to handle getting all caps after creation but otherwise I
think I have a good starter patch that achieves all of your goals.
Of course kill_permission needs the checks you have suggested as well.
Eric