Mirror of https://github.com/adulau/aha.git, synced 2024-12-28 03:36:19 +00:00
user namespaces: require cap_set{ug}id for CLONE_NEWUSER
While ideally CLONE_NEWUSER will eventually require no privilege, the required permission checks are currently not there. As a result, CLONE_NEWUSER has the same effect as a setuid(0)+setgroups(1,"0"). While we already require CAP_SYS_ADMIN, requiring CAP_SETUID and CAP_SETGID seems appropriate.

Signed-off-by: Serge E. Hallyn <serue@us.ibm.com>
Acked-by: "Eric W. Biederman" <ebiederm@xmission.com>
Signed-off-by: James Morris <jmorris@namei.org>
parent c37bbb0fdc
commit 7657d90497
1 changed file with 2 additions and 1 deletion
|
@ -1344,7 +1344,8 @@ long do_fork(unsigned long clone_flags,
|
||||||
/* hopefully this check will go away when userns support is
|
/* hopefully this check will go away when userns support is
|
||||||
* complete
|
* complete
|
||||||
*/
|
*/
|
||||||
if (!capable(CAP_SYS_ADMIN))
|
if (!capable(CAP_SYS_ADMIN) || !capable(CAP_SETUID) ||
|
||||||
|
!capable(CAP_SETGID))
|
||||||
return -EPERM;
|
return -EPERM;
|
||||||
}
|
}
|
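Review bot: the comment directly above the changed condition still reads "hopefully this check will go away when userns support is complete" and says nothing about why CAP_SETUID and CAP_SETGID are now required in addition to CAP_SYS_ADMIN; since the rationale lives only in the commit message (unprivileged CLONE_NEWUSER currently has the same effect as setuid(0)+setgroups(1,"0")), extend the comment with that reason so the next person touching `if (!capable(CAP_SYS_ADMIN) || !capable(CAP_SETUID) || !capable(CAP_SETGID))` knows all three checks are deliberate and not a leftover to be collapsed back to CAP_SYS_ADMIN alone.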