Re: [PATCH v3 0/7] User namespace mount updates

2015-11-19 Thread Richard W.M. Jones
On Thu, Nov 19, 2015 at 03:49:00PM +0100, Richard Weinberger wrote: > On 19.11.2015 at 15:37, Colin Walters wrote: > > On Thu, Nov 19, 2015, at 02:53 AM, Richard Weinberger wrote: > > > >> Erm, I don't want this in the kernel. That's why I've proposed the lklfuse > >> approach. > > > > I

Re: [PATCH v3 0/7] User namespace mount updates

2015-11-19 Thread Richard Weinberger
On 19.11.2015 at 15:37, Colin Walters wrote: > On Thu, Nov 19, 2015, at 02:53 AM, Richard Weinberger wrote: > >> Erm, I don't want this in the kernel. That's why I've proposed the lklfuse >> approach. > > I already said this before but just to repeat, since I'm confused: > > How would

Re: [PATCH v3 0/7] User namespace mount updates

2015-11-19 Thread Colin Walters
On Thu, Nov 19, 2015, at 02:53 AM, Richard Weinberger wrote: > Erm, I don't want this in the kernel. That's why I've proposed the lklfuse > approach. I already said this before but just to repeat, since I'm confused: How would "lklfuse" be different from http://libguestfs.org/ which we at Red

Re: [PATCH v3 0/7] User namespace mount updates

2015-11-18 Thread Nikolay Borisov
On 11/18/2015 04:58 PM, Al Viro wrote: > On Wed, Nov 18, 2015 at 08:22:38AM -0600, Seth Forshee wrote: > >> But it still requires the admin set it up that way, no? And aren't >> privileges required to set up those devices in the first place? >> >> I'm not saying that it wouldn't be a good idea

Re: [PATCH v3 0/7] User namespace mount updates

2015-11-18 Thread Seth Forshee
On Wed, Nov 18, 2015 at 02:58:18PM +, Al Viro wrote: > On Wed, Nov 18, 2015 at 08:22:38AM -0600, Seth Forshee wrote: > > > But it still requires the admin set it up that way, no? And aren't > > privileges required to set up those devices in the first place? > > > > I'm not saying that it

Re: [PATCH v3 0/7] User namespace mount updates

2015-11-18 Thread Austin S Hemmelgarn
On 2015-11-18 09:58, Al Viro wrote: On Wed, Nov 18, 2015 at 08:22:38AM -0600, Seth Forshee wrote: But it still requires the admin set it up that way, no? And aren't privileges required to set up those devices in the first place? I'm not saying that it wouldn't be a good idea to lock down the

Re: [PATCH v3 0/7] User namespace mount updates

2015-11-18 Thread Al Viro
On Wed, Nov 18, 2015 at 09:05:12AM -0600, Seth Forshee wrote: > Yes, the host admin. I'm not talking about trusting the admin inside the > container at all. Then why not have the same host admin just plain mount it when setting the container up and be done with that? From the host namespace,

Re: [PATCH v3 0/7] User namespace mount updates

2015-11-18 Thread Seth Forshee
On Wed, Nov 18, 2015 at 02:10:45PM -0500, Theodore Ts'o wrote: > On Tue, Nov 17, 2015 at 12:34:44PM -0600, Seth Forshee wrote: > > On Tue, Nov 17, 2015 at 05:55:06PM +, Al Viro wrote: > > > On Tue, Nov 17, 2015 at 11:25:51AM -0600, Seth Forshee wrote: > > > > > > > Shortly after that I plan

Re: [PATCH v3 0/7] User namespace mount updates

2015-11-18 Thread Theodore Ts'o
On Tue, Nov 17, 2015 at 12:34:44PM -0600, Seth Forshee wrote: > On Tue, Nov 17, 2015 at 05:55:06PM +, Al Viro wrote: > > On Tue, Nov 17, 2015 at 11:25:51AM -0600, Seth Forshee wrote: > > > > > Shortly after that I plan to follow with support for ext4. I've been > > > fuzzing ext4 for a while

Re: [PATCH v3 0/7] User namespace mount updates

2015-11-18 Thread Austin S Hemmelgarn
On 2015-11-17 16:32, Seth Forshee wrote: On Tue, Nov 17, 2015 at 03:54:50PM -0500, Austin S Hemmelgarn wrote: On 2015-11-17 14:16, Seth Forshee wrote: On Tue, Nov 17, 2015 at 02:02:09PM -0500, Austin S Hemmelgarn wrote: On 2015-11-17 12:55, Al Viro wrote: On Tue, Nov 17, 2015 at 11:25:51AM

Re: [PATCH v3 0/7] User namespace mount updates

2015-11-18 Thread Austin S Hemmelgarn
On 2015-11-17 17:01, Seth Forshee wrote: On Tue, Nov 17, 2015 at 09:05:42PM +, Al Viro wrote: On Tue, Nov 17, 2015 at 03:39:16PM -0500, Austin S Hemmelgarn wrote: This is absolutely insane, no matter how much LSM snake oil you slather on the whole thing. All of a sudden you are exposing

Re: [PATCH v3 0/7] User namespace mount updates

2015-11-18 Thread Seth Forshee
On Wed, Nov 18, 2015 at 07:23:48AM -0500, Austin S Hemmelgarn wrote: > On 2015-11-17 16:32, Seth Forshee wrote: > >On Tue, Nov 17, 2015 at 03:54:50PM -0500, Austin S Hemmelgarn wrote: > >>On 2015-11-17 14:16, Seth Forshee wrote: > >>>On Tue, Nov 17, 2015 at 02:02:09PM -0500, Austin S Hemmelgarn

Re: [PATCH v3 0/7] User namespace mount updates

2015-11-18 Thread Seth Forshee
On Wed, Nov 18, 2015 at 07:46:53AM -0500, Austin S Hemmelgarn wrote: > On 2015-11-17 17:01, Seth Forshee wrote: > >On Tue, Nov 17, 2015 at 09:05:42PM +, Al Viro wrote: > >>On Tue, Nov 17, 2015 at 03:39:16PM -0500, Austin S Hemmelgarn wrote: > >> > This is absolutely insane, no matter how

Re: [PATCH v3 0/7] User namespace mount updates

2015-11-18 Thread Al Viro
On Wed, Nov 18, 2015 at 08:22:38AM -0600, Seth Forshee wrote: > But it still requires the admin set it up that way, no? And aren't > privileges required to set up those devices in the first place? > > I'm not saying that it wouldn't be a good idea to lock down the backing > stores for those

Re: [PATCH v3 0/7] User namespace mount updates

2015-11-18 Thread James Morris
On Wed, 18 Nov 2015, Richard Weinberger wrote: > On Wed, Nov 18, 2015 at 4:13 PM, Al Viro wrote: > > On Wed, Nov 18, 2015 at 09:05:12AM -0600, Seth Forshee wrote: > > > >> Yes, the host admin. I'm not talking about trusting the admin inside the > >> container at all. > >

Re: [PATCH v3 0/7] User namespace mount updates

2015-11-18 Thread Richard Weinberger
On 19.11.2015 at 08:47, James Morris wrote: > On Wed, 18 Nov 2015, Richard Weinberger wrote: > >> On Wed, Nov 18, 2015 at 4:13 PM, Al Viro wrote: >>> On Wed, Nov 18, 2015 at 09:05:12AM -0600, Seth Forshee wrote: >>> Yes, the host admin. I'm not talking about

[PATCH v3 0/7] User namespace mount updates

2015-11-17 Thread Seth Forshee
Hi Eric, Here's another update to my patches for user namespace mounts, based on your for-testing branch. These patches add safeguards necessary to allow unprivileged mounts and update SELinux and Smack to safely handle device-backed mounts from unprivileged users. The v2 posting received very

Re: [PATCH v3 0/7] User namespace mount updates

2015-11-17 Thread Seth Forshee
On Tue, Nov 17, 2015 at 05:55:06PM +, Al Viro wrote: > On Tue, Nov 17, 2015 at 11:25:51AM -0600, Seth Forshee wrote: > > > Shortly after that I plan to follow with support for ext4. I've been > > fuzzing ext4 for a while now and it has held up well, and I'm currently > > working on

Re: [PATCH v3 0/7] User namespace mount updates

2015-11-17 Thread Austin S Hemmelgarn
On 2015-11-17 12:55, Al Viro wrote: On Tue, Nov 17, 2015 at 11:25:51AM -0600, Seth Forshee wrote: Shortly after that I plan to follow with support for ext4. I've been fuzzing ext4 for a while now and it has held up well, and I'm currently working on hand-crafted attacks. Ted has commented

Re: [PATCH v3 0/7] User namespace mount updates

2015-11-17 Thread Richard Weinberger
On Tue, Nov 17, 2015 at 7:34 PM, Seth Forshee wrote: > On Tue, Nov 17, 2015 at 05:55:06PM +, Al Viro wrote: >> On Tue, Nov 17, 2015 at 11:25:51AM -0600, Seth Forshee wrote: >> >> > Shortly after that I plan to follow with support for ext4. I've been >> > fuzzing

Re: [PATCH v3 0/7] User namespace mount updates

2015-11-17 Thread Seth Forshee
On Tue, Nov 17, 2015 at 02:02:09PM -0500, Austin S Hemmelgarn wrote: > On 2015-11-17 12:55, Al Viro wrote: > >On Tue, Nov 17, 2015 at 11:25:51AM -0600, Seth Forshee wrote: > > > >>Shortly after that I plan to follow with support for ext4. I've been > >>fuzzing ext4 for a while now and it has held

Re: [PATCH v3 0/7] User namespace mount updates

2015-11-17 Thread Octavian Purdila
On Tue, Nov 17, 2015 at 9:21 PM, Seth Forshee wrote: > > On Tue, Nov 17, 2015 at 08:12:31PM +0100, Richard Weinberger wrote: > > On Tue, Nov 17, 2015 at 7:34 PM, Seth Forshee > > wrote: > > > On Tue, Nov 17, 2015 at 05:55:06PM +, Al

Re: [PATCH v3 0/7] User namespace mount updates

2015-11-17 Thread Austin S Hemmelgarn
On 2015-11-17 14:30, Al Viro wrote: On Tue, Nov 17, 2015 at 02:02:09PM -0500, Austin S Hemmelgarn wrote: _Static_ attacks, or change-image-under-mounted-fs attacks? To properly protect against attacks on mounted filesystems, we'd need some new concept of a userspace immutable file (that is,

Re: [PATCH v3 0/7] User namespace mount updates

2015-11-17 Thread Al Viro
On Tue, Nov 17, 2015 at 03:39:16PM -0500, Austin S Hemmelgarn wrote: > >This is absolutely insane, no matter how much LSM snake oil you slather on > >the whole thing. All of a sudden you are exposing a huge attack surface > >in the place where it would hurt most and as the consolation we are

Re: [PATCH v3 0/7] User namespace mount updates

2015-11-17 Thread Richard Weinberger
On 17.11.2015 at 20:25, Octavian Purdila wrote: > On Tue, Nov 17, 2015 at 9:21 PM, Seth Forshee > wrote: >> >> On Tue, Nov 17, 2015 at 08:12:31PM +0100, Richard Weinberger wrote: >>> On Tue, Nov 17, 2015 at 7:34 PM, Seth Forshee >>> wrote:

Re: [PATCH v3 0/7] User namespace mount updates

2015-11-17 Thread Octavian Purdila
On Tue, Nov 17, 2015 at 10:12 PM, Richard Weinberger wrote: > On 17.11.2015 at 20:25, Octavian Purdila wrote: >> On Tue, Nov 17, 2015 at 9:21 PM, Seth Forshee >> wrote: >>> >>> On Tue, Nov 17, 2015 at 08:12:31PM +0100, Richard Weinberger wrote:

Re: [PATCH v3 0/7] User namespace mount updates

2015-11-17 Thread Seth Forshee
On Tue, Nov 17, 2015 at 09:05:42PM +, Al Viro wrote: > On Tue, Nov 17, 2015 at 03:39:16PM -0500, Austin S Hemmelgarn wrote: > > > >This is absolutely insane, no matter how much LSM snake oil you slather on > > >the whole thing. All of a sudden you are exposing a huge attack surface > > >in

Re: [PATCH v3 0/7] User namespace mount updates

2015-11-17 Thread Seth Forshee
On Tue, Nov 17, 2015 at 03:54:50PM -0500, Austin S Hemmelgarn wrote: > On 2015-11-17 14:16, Seth Forshee wrote: > >On Tue, Nov 17, 2015 at 02:02:09PM -0500, Austin S Hemmelgarn wrote: > >>On 2015-11-17 12:55, Al Viro wrote: > >>>On Tue, Nov 17, 2015 at 11:25:51AM -0600, Seth Forshee wrote: > >>> >