From: Andy Lutomirski <luto@amacapital.net>
To: Konstantin Khlebnikov <khlebnikov@yandex-team.ru>
Cc: Linux FS Devel <linux-fsdevel@vger.kernel.org>,
	Dave Chinner <david@fromorbit.com>, Jan Kara <jack@suse.cz>,
	"linux-ext4@vger.kernel.org" <linux-ext4@vger.kernel.org>,
	"Theodore Ts'o" <tytso@mit.edu>,
	Dmitry Monakhov <dmonakhov@openvz.org>,
	"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
	Li Xi <pkuelelixi@gmail.com>
Subject: Re: [PATCH RFC v2 2/6] fs: protected project id
Date: Tue, 10 Mar 2015 10:32:49 -0700
Message-ID: <CALCETrXE99fA1kwiXQvL0oTGZXa-nUwKdQ6_GfUPqXjOq8q0ZA@mail.gmail.com>
In-Reply-To: <20150310172206.23081.95005.stgit@buzz>

On Tue, Mar 10, 2015 at 10:22 AM, Konstantin Khlebnikov
<khlebnikov@yandex-team.ru> wrote:
> Historically XFS project id doesn't have any permission control: file owner
> is able to set any project id. Later they were sealed with user-namespace:
> XFS allows to change it only from init user-ns. That works fine for isolated
> containers or if user doesn't have direct access to the filesystem (NFS/FTP).
>
> This patch adds sysctl fs.protected_projects which makes changing project id
> a privileged operation which requires CAP_SYS_RESOURCE in current user-namespace.
> Thus there are two levels of protection: project id mapping in user-ns defines
> set of permitted projects and capability protects operations within this set.

If I understand this right, this doesn't work.  If I lack
CAP_SYS_RESOURCE but I have two projids mapped, then I can create a
new userns, map both projids, and get CAP_SYS_RESOURCE.

--Andy
