Message-ID: <56A2B209.7000403@nod.at>
Date: Fri, 22 Jan 2016 23:49:45 +0100
From: Richard Weinberger <richard@....at>
To: Kees Cook <keescook@...omium.org>, Andrew Morton <akpm@...ux-foundation.org>
Cc: Al Viro <viro@...iv.linux.org.uk>, "Eric W. Biederman" <ebiederm@...ssion.com>, Andy Lutomirski <luto@...capital.net>, Robert Święcki <robert@...ecki.net>, Dmitry Vyukov <dvyukov@...gle.com>, David Howells <dhowells@...hat.com>, Miklos Szeredi <mszeredi@...e.cz>, Kostya Serebryany <kcc@...gle.com>, Alexander Potapenko <glider@...gle.com>, Eric Dumazet <edumazet@...gle.com>, Sasha Levin <sasha.levin@...cle.com>, linux-doc@...r.kernel.org, linux-kernel@...r.kernel.org, kernel-hardening@...ts.openwall.com
Subject: Re: [PATCH 0/2] sysctl: allow CLONE_NEWUSER to be disabled

On 22.01.2016 at 23:39, Kees Cook wrote:
> There continue to be unexpected side-effects and security exposures
> via CLONE_NEWUSER. For many end-users running distro kernels with
> CONFIG_USER_NS enabled, there is no way to disable this feature when
> desired. As such, this creates a sysctl to restrict CLONE_NEWUSER so
> admins not running containers or Chrome can avoid the risks of this
> feature.

Last time such a patch came up I was not thrilled, because hiding a scary
feature behind a knob IMHO doesn't make it any better, nor does it help
finding issues.
But as userns is still a source of a lot of issues and distros enable it
by default, a knob for the admin seems to be a good idea by now. ;-\

Thanks,
//richard
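The cover letter quoted above asks for a way to turn CLONE_NEWUSER off on distro kernels. The following audit probe is an added example, not code from the thread or from the patch series: it reports whether the running kernel currently lets an unprivileged process create a user namespace, by calling unshare(CLONE_NEWUSER) in a forked child and mapping the resulting errno to the causes listed in unshare(2). It assumes Linux; the sysctl name from the patches is not given on this page and is not used.

```c
/* Added audit probe, not from the thread or the patch series: does this kernel
 * let an unprivileged process create a user namespace? unshare(CLONE_NEWUSER)
 * runs in a forked child, so the prober keeps its own namespace. Linux only. */
#ifndef _GNU_SOURCE
#define _GNU_SOURCE
#endif
#include <errno.h>
#include <sched.h>
#include <string.h>
#include <sys/wait.h>
#include <unistd.h>
#ifndef CLONE_NEWUSER
#define CLONE_NEWUSER 0x10000000   /* value from <linux/sched.h> */
#endif
int unshare(int flags);            /* declared in case feature macros hid it */

/* Returns 0 if CLONE_NEWUSER succeeded in the child, the positive errno it
 * failed with, or -1 if the probe could not run (fork/wait failed or the
 * child was killed by a signal, e.g. a seccomp SIGSYS). */
int probe_userns(void)
{
    int status;
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        /* Child: the exit status carries the result back (errno < 256). */
        if (unshare(CLONE_NEWUSER) == 0)
            _exit(0);
        _exit(errno);
    }
    if (waitpid(pid, &status, 0) < 0 || !WIFEXITED(status))
        return -1;
    return WEXITSTATUS(status);
}

/* Maps a probe result to what an admin auditing the setting wants to know;
 * the meanings follow unshare(2). */
const char *describe_probe(int rc)
{
    switch (rc) {
    case 0:      return "unprivileged user namespaces are allowed";
    case EPERM:  return "user namespace creation denied (disabled, chroot, unmapped id, or seccomp)";
    case EINVAL: return "CLONE_NEWUSER unsupported (CONFIG_USER_NS off or multithreaded caller)";
    case ENOSPC:
    case EUSERS: return "user namespace nesting or count limit reached";
    case -1:     return "probe could not run";
    default:     return "unrecognised probe result";
    }
}
```

Run it once as an unprivileged user: a 0 result means the feature the cover letter wants to gate is reachable from any local account on that kernel.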