diff options
author | Dirk Steinmetz <public@rsjtdrjgfuzkfg.com> | 2015-10-20 16:09:19 +0200 |
---|---|---|
committer | Eric W. Biederman <ebiederm@xmission.com> | 2015-10-27 22:12:35 +0100 |
commit | f2ca379642d7a843be972ea4167abdd3c8c9e5d1 (patch) | |
tree | 03d03e85a7e38cb732fe09d2ca85baec3bc815d5 /drivers/scsi/osst_detect.h | |
parent | Linux 4.3-rc1 (diff) | |
download | linux-f2ca379642d7a843be972ea4167abdd3c8c9e5d1.tar.xz linux-f2ca379642d7a843be972ea4167abdd3c8c9e5d1.zip |
namei: permit linking with CAP_FOWNER in userns
Attempting to hardlink to an unsafe file (e.g. a setuid binary) from
within an unprivileged user namespace fails, even if CAP_FOWNER is held
within the namespace. This may cause various failures, such as a gentoo
installation within a lxc container failing to build and install specific
packages.
This change permits hardlinking of files owned by mapped uids, if
CAP_FOWNER is held for that namespace. Furthermore, it improves consistency
by using the existing inode_owner_or_capable(), which is aware of
namespaced capabilities as of 23adbe12ef7d3 ("fs,userns: Change
inode_capable to capable_wrt_inode_uidgid").
Signed-off-by: Dirk Steinmetz <public@rsjtdrjgfuzkfg.com>
This is hitting us in Ubuntu during some dpkg upgrades in containers.
When upgrading a file dpkg creates a hard link to the old file to back
it up before overwriting it. When packages upgrade suid files owned by a
non-root user the link isn't permitted, and the package upgrade fails.
This patch fixes our problem.
Tested-by: Seth Forshee <seth.forshee@canonical.com>
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
Diffstat (limited to 'drivers/scsi/osst_detect.h')
0 files changed, 0 insertions, 0 deletions