On Tue, Jan 19, 2021 at 10:15 PM Eric W. Biederman
wrote:
>
> Miklos Szeredi writes:
>
> > It turns out overlayfs is actually okay wrt. mutliple conversions, because
> > it uses the right context for lower operations. I.e. before calling
> > vfs_{set,get}xattr() on underlying fs, it overrides
Miklos Szeredi writes:
> It turns out overlayfs is actually okay wrt. mutliple conversions, because
> it uses the right context for lower operations. I.e. before calling
> vfs_{set,get}xattr() on underlying fs, it overrides creds with that of the
> mounter, so the current user ns will now match
It turns out overlayfs is actually okay wrt. mutliple conversions, because
it uses the right context for lower operations. I.e. before calling
vfs_{set,get}xattr() on underlying fs, it overrides creds with that of the
mounter, so the current user ns will now match that of
overlay_sb->s_user_ns,
3 matches
Mail list logo
