From: Serge Hallyn <serge.hallyn@ubuntu.com>
To: Kees Cook <keescook@chromium.org>
Cc: "Robert Święcki" <robert@swiecki.net>,
	"Ben Hutchings" <ben@decadent.org.uk>,
	"Andrew Morton" <akpm@linux-foundation.org>,
	"Al Viro" <viro@zeniv.linux.org.uk>,
	"Richard Weinberger" <richard@nod.at>,
	"Eric W. Biederman" <ebiederm@xmission.com>,
	"Andy Lutomirski" <luto@amacapital.net>,
	"Dmitry Vyukov" <dvyukov@google.com>,
	"David Howells" <dhowells@redhat.com>,
	"Kostya Serebryany" <kcc@google.com>,
	"Alexander Potapenko" <glider@google.com>,
	"Eric Dumazet" <edumazet@google.com>,
	"Sasha Levin" <sasha.levin@oracle.com>,
	"linux-doc@vger.kernel.org" <linux-doc@vger.kernel.org>,
	LKML <linux-kernel@vger.kernel.org>,
	"kernel-hardening@lists.openwall.com"
	<kernel-hardening@lists.openwall.com>
Subject: Re: [PATCH 2/2] sysctl: allow CLONE_NEWUSER to be disabled
Date: Sat, 23 Jan 2016 00:44:01 +0000	[thread overview]
Message-ID: <20160123004400.GA23632@ubuntumail> (raw)
In-Reply-To: <CAGXu5jKbroEt0nO=yA4V6esKePseO75tcsK=YVy-=1NEuzwxzQ@mail.gmail.com>

Quoting Kees Cook (keescook@chromium.org):
> On Fri, Jan 22, 2016 at 2:55 PM, Robert Święcki <robert@swiecki.net> wrote:
> > 2016-01-22 23:50 GMT+01:00 Kees Cook <keescook@chromium.org>:
> >
> >>> Seems that Debian and some older Ubuntu versions are already using
> >>>
> >>> $ sysctl -a | grep usern
> >>> kernel.unprivileged_userns_clone = 0
> >>>
> >>> Shall we be consistent with it?
> >>
> >> Oh! I didn't see that on systems I checked. On which version did you find that?
> >
> > $ uname -a
> > Linux bc1 4.3.0-0.bpo.1-amd64 #1 SMP Debian 4.3.3-5~bpo8+1
> > (2016-01-07) x86_64 GNU/Linux
> > $ cat /etc/debian_version
> > 8.2
> 
> Ah-ha, Debian only, though it looks like this was just committed to
> the Ubuntu kernel tree too:
> 
> 
> > IIRC some older kernels delivered with Ubuntu Precise were also using
> > it (but maybe I'm mistaken)
> 
> I don't see it there.
> 
> I think my patch is more complete, but I'm happy to change the name if
> this sysctl has already started to enter the global consciousness. ;)
> 
> Serge, Ben, what do you think?
> 
> -Kees

Hey,

I had originally written this for Ubuntu when userns was still new
and not upstream.  Then we dropped it when it got upstream.

The reason we are re-adding it is because we're going to be pushing the
envelope again wrt unprivileged userns usage.  Seth has been working on
supporting mounts of fuse, for instance.  When everything is upstream
(or we drop it :) we'll drop the patch again.

-serge
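As an added illustration (not part of the thread or of either distribution's patch), a small C probe that reports the Debian/Ubuntu sysctl quoted above and then checks whether an unprivileged CLONE_NEWUSER actually succeeds, which is how an administrator would confirm the knob is in effect on a given kernel. The function names are mine, and mapping ENOSPC to "denied" is an assumption covering the upstream user.max_user_namespaces limit, which the thread does not mention.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <sched.h>
#include <stdio.h>
#include <sys/wait.h>
#include <unistd.h>

/* Read one integer sysctl from /proc/sys.  Returns -1 when the file is
 * absent: kernel.unprivileged_userns_clone only exists on kernels that
 * carry the Debian/Ubuntu patch discussed in the thread. */
static long read_sysctl(const char *path)
{
    FILE *f = fopen(path, "r");
    long v = -1;
    if (f && fscanf(f, "%ld", &v) != 1)
        v = -1;
    if (f)
        fclose(f);
    return v;
}

/* Probe whether this process may create a user namespace; unshare() runs
 * in a forked child so the caller's own namespace is never changed.
 * Returns 1 = allowed, 0 = denied (EPERM/EACCES from the sysctl or a seccomp
 * filter, ENOSPC from the upstream limit; assumption), -1 = probe failed. */
static int userns_probe(void)
{
    int status;
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        if (unshare(CLONE_NEWUSER) == 0)
            _exit(0);
        _exit(errno == EPERM || errno == EACCES || errno == ENOSPC ? 1 : 2);
    }
    if (waitpid(pid, &status, 0) < 0 || !WIFEXITED(status))
        return -1;
    if (WEXITSTATUS(status) == 0)
        return 1;
    return WEXITSTATUS(status) == 1 ? 0 : -1;
}

int main(void)
{
    printf("kernel.unprivileged_userns_clone = %ld\n",
           read_sysctl("/proc/sys/kernel/unprivileged_userns_clone"));
    printf("unprivileged CLONE_NEWUSER allowed: %d\n", userns_probe());
    return 0;
}
```

Run it as a normal user; a result of 0 with the sysctl reading 0 shows the setting is enforced, while 1 means the kernel still grants unprivileged user namespaces.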
