Return-Path: 
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1754417AbcJDV0q (ORCPT ); Tue, 4 Oct 2016 17:26:46 -0400
Received: from h2.hallyn.com ([78.46.35.8]:44080 "EHLO h2.hallyn.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753872AbcJDV0p (ORCPT ); Tue, 4 Oct 2016 17:26:45 -0400
Date: Tue, 4 Oct 2016 16:26:43 -0500
From: "Serge E. Hallyn"
To: Tejun Heo
Cc: "Serge E. Hallyn", John Stultz, lkml, Li Zefan, Jonathan Corbet, cgroups@vger.kernel.org, Android Kernel Team, Rom Lemarchand, Colin Cross, Dmitry Shmidt, Todd Kjos, Christian Poetzsch, Amit Pundir
Subject: Re: [RFC][PATCH 0/2] Another pass at Android style loosening of cgroup attach permissions
Message-ID: <20161004212643.GA27842@mail.hallyn.com>
References: <1475556090-6278-1-git-send-email-john.stultz@linaro.org> <20161004161630.GC4205@htj.duckdns.org> <20161004193838.GH4205@htj.duckdns.org> <20161004201840.GA27018@mail.hallyn.com> <20161004203301.GK4205@htj.duckdns.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20161004203301.GK4205@htj.duckdns.org>
User-Agent: Mutt/1.5.21 (2010-09-15)
Sender: linux-kernel-owner@vger.kernel.org
List-ID: 
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Length: 776
Lines: 20

Quoting Tejun Heo (tj@kernel.org):
> Hello, Serge.
>
> On Tue, Oct 04, 2016 at 03:18:40PM -0500, Serge E. Hallyn wrote:
> > how about changing the GLOBAL_ROOT_UID check with a targeted
> > capability check, like
> >
> > 	if (!ns_capable(tcred->user_ns, CAP_SYS_NICE) &&
> > 	    !uid_eq(cred->euid, tcred->uid) &&
> > 	    !uid_eq(cred->euid, tcred->suid))
> > 		ret = -EACCES;
> >
> > where the actual capability to use may require some thought.
>
> Yeah, that's the direction I'm thinking too. We can't use
> CAP_SYS_NICE in general tho. Let's see if a dedicated CAP sticks.

One possibility would be to let each cgroup subsystem define a move_caps capability mask which is required over the target task. And add a new CAP_CGROUP which always suffices?
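The two permission models discussed in this thread, as an added userspace model that is not part of the original mail or of the kernel patch series: the quoted check (a capability held over the target task's user namespace, or a matching euid against the target's uid or suid) and the follow-up idea of a per-subsystem move_caps mask plus an always-sufficient CAP_CGROUP. The struct layouts, the capability bit values, the ns_capable() stand-in and CAP_CGROUP itself are simplified assumptions; CAP_CGROUP is a hypothetical capability here, not one that exists in Linux. The security point the model makes visible is why the check is scoped to tcred->user_ns: a root inside a container holds capabilities only over its own namespace and its descendants, so it can move tasks in the container but not tasks owned by the host.

```c
/* Userspace model of the cgroup attach permission check discussed in the
 * thread. Constructed example: the types below are simplified stand-ins for
 * the kernel's struct cred / user namespace, not kernel code. */
#include <errno.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed capability bits. CAP_CGROUP is hypothetical (proposed in the
 * thread), not a real Linux capability. */
#define CAP_SYS_NICE  (1u << 0)
#define CAP_CGROUP    (1u << 1)

struct user_ns {
    const char *name;
    const struct user_ns *parent;      /* NULL for the initial namespace */
};

struct cred {
    uint32_t uid, euid, suid;
    const struct user_ns *user_ns;     /* namespace the task lives in */
    uint32_t caps;                     /* effective capability mask */
};

/* Per-subsystem mask of capabilities required over the target task
 * (the move_caps idea from the follow-up). */
struct cgroup_subsys {
    const char *name;
    uint32_t move_caps;
};

/* Stand-in for the kernel's ns_capable(): the caller holds every bit of
 * `caps` in namespace `ns` only if it has the bits and its own user
 * namespace is `ns` or an ancestor of `ns`. */
static bool ns_capable(const struct cred *c, const struct user_ns *ns, uint32_t caps)
{
    if ((c->caps & caps) != caps)
        return false;
    for (const struct user_ns *n = ns; n; n = n->parent)
        if (n == c->user_ns)
            return true;
    return false;
}

/* The check as quoted in the thread, parameterised on the capability. */
int attach_permission_cap(const struct cred *cred, const struct cred *tcred, uint32_t cap)
{
    if (!ns_capable(cred, tcred->user_ns, cap) &&
        cred->euid != tcred->uid &&
        cred->euid != tcred->suid)
        return -EACCES;
    return 0;
}

/* The follow-up variant: uid match, or the hypothetical CAP_CGROUP over the
 * target, or the subsystem's full move_caps mask over the target. An empty
 * move_caps mask deliberately grants nothing on its own. */
int attach_permission_subsys(const struct cred *cred, const struct cred *tcred,
                             const struct cgroup_subsys *ss)
{
    if (cred->euid == tcred->uid || cred->euid == tcred->suid)
        return 0;
    if (ns_capable(cred, tcred->user_ns, CAP_CGROUP))
        return 0;
    if (ss->move_caps && ns_capable(cred, tcred->user_ns, ss->move_caps))
        return 0;
    return -EACCES;
}

/* Constructed sample namespaces: init_ns is the host, child_ns a container. */
static const struct user_ns init_ns  = { "init", NULL };
static const struct user_ns child_ns = { "child", &init_ns };

int main(void)
{
    struct cred container_root = { 0, 0, 0, &child_ns, CAP_SYS_NICE | CAP_CGROUP };
    struct cred container_task = { 1000, 1000, 1000, &child_ns, 0 };
    struct cred host_task      = { 2000, 2000, 2000, &init_ns, 0 };
    struct cred host_root      = { 0, 0, 0, &init_ns, CAP_SYS_NICE };
    struct cgroup_subsys cpu   = { "cpu", CAP_SYS_NICE };

    printf("container root -> container task: %d\n",
           attach_permission_cap(&container_root, &container_task, CAP_SYS_NICE));
    printf("container root -> host task:      %d\n",
           attach_permission_cap(&container_root, &host_task, CAP_SYS_NICE));
    printf("host root -> container task (cpu): %d\n",
           attach_permission_subsys(&host_root, &container_task, &cpu));
    return 0;
}
```

Running it shows 0 (allowed) for the container root moving a task in its own namespace, -EACCES for the same root reaching into the host namespace, and 0 for host root moving a container task because the initial namespace is an ancestor of the child.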