On 11/18/2015 04:58 PM, Al Viro wrote:
> On Wed, Nov 18, 2015 at 08:22:38AM -0600, Seth Forshee wrote:
>
>> But it still requires the admin set it up that way, no? And aren't
>> privileges required to set up those devices in the first place?
>>
>> I'm not saying that it wouldn't be a good idea
On Wed, Nov 18, 2015 at 02:58:18PM +, Al Viro wrote:
> On Wed, Nov 18, 2015 at 08:22:38AM -0600, Seth Forshee wrote:
>
> > But it still requires the admin set it up that way, no? And aren't
> > privileges required to set up those devices in the first place?
> >
> > I'm not saying that it
On 2015-11-18 09:58, Al Viro wrote:
On Wed, Nov 18, 2015 at 08:22:38AM -0600, Seth Forshee wrote:
But it still requires the admin set it up that way, no? And aren't
privileges required to set up those devices in the first place?
I'm not saying that it wouldn't be a good idea to lock down the
On Wed, Nov 18, 2015 at 09:05:12AM -0600, Seth Forshee wrote:
> Yes, the host admin. I'm not talking about trusting the admin inside the
> container at all.
Then why not have the same host admin just plain mount it when setting the
container up and be done with that? From the host namespace,
On 11/18/2015 04:14 AM, Sergey Senozhatsky wrote:
> Cosmetic.
>
> Do not define list_entry_next() and use list_next_entry()
> from list.h.
>
two days to late,
Geliang Tang already submitted the same patch in
[PATCH 3/3] apparmor: use list_next_entry instead of list_entry_next
and I've pulled
On Wed, Nov 18, 2015 at 02:10:45PM -0500, Theodore Ts'o wrote:
> On Tue, Nov 17, 2015 at 12:34:44PM -0600, Seth Forshee wrote:
> > On Tue, Nov 17, 2015 at 05:55:06PM +, Al Viro wrote:
> > > On Tue, Nov 17, 2015 at 11:25:51AM -0600, Seth Forshee wrote:
> > >
> > > > Shortly after that I plan
On Tue, Nov 17, 2015 at 12:34:44PM -0600, Seth Forshee wrote:
> On Tue, Nov 17, 2015 at 05:55:06PM +, Al Viro wrote:
> > On Tue, Nov 17, 2015 at 11:25:51AM -0600, Seth Forshee wrote:
> >
> > > Shortly after that I plan to follow with support for ext4. I've been
> > > fuzzing ext4 for a while
On 2015-11-17 16:32, Seth Forshee wrote:
On Tue, Nov 17, 2015 at 03:54:50PM -0500, Austin S Hemmelgarn wrote:
On 2015-11-17 14:16, Seth Forshee wrote:
On Tue, Nov 17, 2015 at 02:02:09PM -0500, Austin S Hemmelgarn wrote:
On 2015-11-17 12:55, Al Viro wrote:
On Tue, Nov 17, 2015 at 11:25:51AM
On 2015-11-17 17:01, Seth Forshee wrote:
On Tue, Nov 17, 2015 at 09:05:42PM +, Al Viro wrote:
On Tue, Nov 17, 2015 at 03:39:16PM -0500, Austin S Hemmelgarn wrote:
This is absolutely insane, no matter how much LSM snake oil you slatter on
the whole thing. All of a sudden you are exposing
Cosmetic.
Do not define list_entry_next() and use list_next_entry()
from list.h.
Signed-off-by: Sergey Senozhatsky
---
security/apparmor/apparmorfs.c | 10 --
1 file changed, 4 insertions(+), 6 deletions(-)
diff --git a/security/apparmor/apparmorfs.c
On Wed, Nov 18, 2015 at 07:23:48AM -0500, Austin S Hemmelgarn wrote:
> On 2015-11-17 16:32, Seth Forshee wrote:
> >On Tue, Nov 17, 2015 at 03:54:50PM -0500, Austin S Hemmelgarn wrote:
> >>On 2015-11-17 14:16, Seth Forshee wrote:
> >>>On Tue, Nov 17, 2015 at 02:02:09PM -0500, Austin S Hemmelgarn
On Wed, Nov 18, 2015 at 07:46:53AM -0500, Austin S Hemmelgarn wrote:
> On 2015-11-17 17:01, Seth Forshee wrote:
> >On Tue, Nov 17, 2015 at 09:05:42PM +, Al Viro wrote:
> >>On Tue, Nov 17, 2015 at 03:39:16PM -0500, Austin S Hemmelgarn wrote:
> >>
> This is absolutely insane, no matter how
On Wed, Nov 18, 2015 at 08:22:38AM -0600, Seth Forshee wrote:
> But it still requires the admin set it up that way, no? And aren't
> privileges required to set up those devices in the first place?
>
> I'm not saying that it wouldn't be a good idea to lock down the backing
> stores for those
On (11/18/15 10:19), John Johansen wrote:
> On 11/18/2015 04:14 AM, Sergey Senozhatsky wrote:
> > Cosmetic.
> >
> > Do not define list_entry_next() and use list_next_entry()
> > from list.h.
> >
>
> two days to late,
>
> Geliang Tang already submitted the same patch in
> [PATCH 3/3] apparmor:
On Wed, 18 Nov 2015, Richard Weinberger wrote:
> On Wed, Nov 18, 2015 at 4:13 PM, Al Viro wrote:
> > On Wed, Nov 18, 2015 at 09:05:12AM -0600, Seth Forshee wrote:
> >
> >> Yes, the host admin. I'm not talking about trusting the admin inside the
> >> container at all.
> >
Am 19.11.2015 um 08:47 schrieb James Morris:
> On Wed, 18 Nov 2015, Richard Weinberger wrote:
>
>> On Wed, Nov 18, 2015 at 4:13 PM, Al Viro wrote:
>>> On Wed, Nov 18, 2015 at 09:05:12AM -0600, Seth Forshee wrote:
>>>
Yes, the host admin. I'm not talking about
16 matches
Mail list logo