[PATCH v5 0/4] Introduce security_create_user_ns()
Eric W. Biederman
ebiederm at xmission.com
Wed Aug 17 19:57:40 UTC 2022
Paul Moore <paul at paul-moore.com> writes:
> At the end of the v4 patchset I suggested merging this into lsm/next
> so it could get a full -rc cycle in linux-next, assuming no issues
> were uncovered during testing
What in the world can be uncovered in linux-next for code that has no in
tree users.
That is one of my largest problems. I want to talk about the users and
the use cases and I don't get dialog. Nor do I get hey look back there
you missed it.
Since you don't want to rehash this. I will just repeat my conclusion
that the patchset appears to introduce an ineffective defense that will
achieve nothing in the defense of the kernel, and so all it will achieve
a code maintenance burden and to occasionally break legitimate users of
the user namespace.
Further the process is broken. You are changing the semantics of an
operation with the introduction of a security hook. That needs a
man-page and discussion on linux-abi. In general of the scrutiny we
give to new systems and changed system calls. As this change
fundamentally changes the semantics of creating a user namespace.
Skipping that part of the process is not simply disagree that is being
irresponsible.
Eric
More information about the Linux-security-module-archive
mailing list