From: Andy Lutomirski
Date: Tue, 15 Mar 2016 11:21:23 -0700
Subject: Re: [PATCH] devpts: Make ptmx be owned by the userns owner instead of userns-local 0
To: Serge Hallyn
Cc: gnome-os-list@gnome.org, Linux FS Devel, mclasen@redhat.com, Linux Containers, "Eric W. Biederman", "linux-kernel@vger.kernel.org"
In-Reply-To: <20160314083501.GB23225@ubuntumail>
References: <20160314083501.GB23225@ubuntumail>
X-Mailing-List: linux-kernel@vger.kernel.org

On Mar 14, 2016 1:35 AM, "Serge Hallyn" wrote:
>
> Quoting Andy Lutomirski (luto@kernel.org):
> > We used to have ptmx be owned by the inner uid and gid 0. Change
> > this: if the owner and group are both mapped but are not both 0,
> > then use the owner instead.
> >
> > For container-style namespaces (LXC, etc), this should have no
> > effect -- UID 0 will either be the owner or will be unmapped.
>
> This doesn't seem right - it's often the case that the owner is mapped
> in as non-0 uid, safe or not. The actual namespace root uid should be
> the owner (so long as it exists).
>
> Why not reverse the cases? If 0 is not mapped, then check whether the
> current_user_ns()->owner is mapped?

Good point, and less chance of breakage that way as well.

--Andy