Date: Mon, 6 Aug 2012 16:57:54 -0700 From: Kees Cook <keescook@...omium.org> To: "Eric W. Biederman" <ebiederm@...ssion.com> Cc: James Morris <jmorris@...ei.org>, kernel-hardening@...ts.openwall.com, Al Viro <viro@...iv.linux.org.uk>, Andrew Morton <akpm@...ux-foundation.org>, linux-kernel@...r.kernel.org, linux-fsdevel@...r.kernel.org, Eric Paris <eparis@...hat.com>, Matthew Wilcox <matthew@....cx>, Doug Ledford <dledford@...hat.com>, Joe Korty <joe.korty@...r.com>, Ingo Molnar <mingo@...e.hu>, David Howells <dhowells@...hat.com>, James Morris <james.l.morris@...cle.com>, linux-doc@...r.kernel.org, Dan Rosenberg <drosenberg@...curity.com> Subject: Re: [PATCH 1/2] fs: add link restrictions On Mon, Aug 6, 2012 at 4:55 PM, Eric W. Biederman <ebiederm@...ssion.com>wrote: > Kees Cook <keescook@...omium.org> writes: > > > On Thu, Aug 2, 2012 at 9:26 PM, James Morris <jmorris@...ei.org> wrote: > >> On Wed, 25 Jul 2012, Kees Cook wrote: > >> > >>> This adds symlink and hardlink restrictions to the Linux VFS. > >> > >> Is Al happy with this now? > > > > Looks like it; thanks for checking. It's in mainline now: > > > http://git.kernel.org/?p=linux/kernel/git/torvalds/linux.git;a=commitdiff;h=800179c9b8a1e796e441674776d11cd4c05d61d7 > > So there was one trivial little issue with your patch. You were > directly comparing kuids instead of using uid_eq. This only practically > matters when user namespaces are enabled which is currently impossible > in 3.6-rc1 :( > > I have added the following fixup patch to my for-next branch of > user-namespace.git > > From: "Eric W. Biederman" <ebiederm@...ssion.com> > Date: Fri, 3 Aug 2012 09:38:08 -0700 > Subject: [PATCH] userns: Fix link restrictions to use uid_eq > > Signed-off-by: "Eric W. Biederman" <ebiederm@...ssion.com> > Ah-ha! Thanks for fixing this. Acked-by: Kees Cook <keescook@...omium.org> -- Kees Cook Chrome OS Security Content of type "text/html" skipped
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.