[PATCH 0/3] Introduce user namespace capabilities

John Johansen john.johansen at canonical.com
Tue May 21 13:57:58 UTC 2024


On 5/18/24 04:21, Jarkko Sakkinen wrote:
> On Sat May 18, 2024 at 2:17 PM EEST, Jarkko Sakkinen wrote:
>> On Sat May 18, 2024 at 2:08 PM EEST, Jarkko Sakkinen wrote:
>>> On Fri May 17, 2024 at 10:11 PM EEST, Jonathan Calmels wrote:
>>>> On Fri, May 17, 2024 at 10:53:24AM GMT, Casey Schaufler wrote:
>>>>> Of course they do. I have been following the use of capabilities
>>>>> in Linux since before they were implemented. The uptake has been
>>>>> disappointing in all use cases.
>>>>
>>>> Why "Of course"?
>>>> What if they should not get *all* privileges?
>>>
>>> They do the job given a real-world workload and stress test.
>>>
>>> Here the problem is based on a theory and an experiment.
>>>
>>> Even a formal model does not necessarily map all "unknown unknowns".
>>
>> So this was like the worst "sales pitch" ever:
>>
>> 1. The cover letter starts with the idea of having to argue about name
>> spaces, and have fun while doing that ;-) We all have our own ways to
>> entertain ourselves but "name space duels" are not my thing. Why not
>> just start with why we all want this instead? Maybe we don't want it
>> then. Maybe this is just useless spam given the angle presented?
>> 2. There's shitloads of computer science and set theory but nothing
>> that would make common sense. You need to build a more understandable
>> model. There's zero "gist" in this work.
>>
>> Maybe this does make sense but the story around it sucks so far.
> 
> One tip: I think this is the wrong forum to present namespace ideas in the
> first place. It would be probably better to talk about this with e.g.
> systemd or podman developers, and similar groups. There's zero evidence
> of the usefulness. Then when you go that route and come back with actual
> users, things click much more easily. Now this is all in the void.
> 
> BR, Jarkko

Jarkko,

this is very much the right forum. User namespaces exist today. This
is a discussion around trying to reduce the exposed kernel surface
that is being used to attack the kernel.




