Received: by 2002:ab2:6816:0:b0:1f9:5764:f03e with SMTP id t22csp508815lqo; Thu, 16 May 2024 12:35:42 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCVj9HxgomvvVrjAtb7tQrCscPT4EAbSSBZT4e6VeE/iLvUqE9M/ndl7q0EOhLgq2kCS2ENY7pES/vqqmzF9U+rYiAL72XMChJp4yPiGtA== X-Google-Smtp-Source: AGHT+IEd3zWhtySB9e/0IDA/eQQ/sA7zq7E3BDGjRv4J47cFS1y2KOnD5M5hlWaKH+31A80+RFvi X-Received: by 2002:a05:6a20:12d5:b0:1af:66e6:b1b2 with SMTP id adf61e73a8af0-1afde0b7152mr23162226637.1.1715888141797; Thu, 16 May 2024 12:35:41 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1715888141; cv=pass; d=google.com; s=arc-20160816; b=dmoj61PlhePcMkCiCjqluMgPQr8lTBRoZZdsNR7cRIS3jFvZ4bIBbRJK32Ucv4qDAM KuXK9ZD2jWhTpQYUdj5WgaPQMkhNxkL66a0rIYnvqYEhViB5Z4p4EWC+z02RotWpuvfp 1FeO2/LeB/1R2Js7dCuUeT3YzgqrxZWJ5MZI5boKmvLQ/KHW91lFlimprXozyNNTl6p+ kohcrTpIWLubLe3ZzpSmALEvZD5Bo18rWEeujwzJbEyI1OcWFkZD9FfS6HzRlyNlHmma OXVuINHP3xLn1dEotIsz/f209EIgCy8bAe7toC47KE0AroX3Bn+pWEChjzuXfLJEgHuX HPng== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=in-reply-to:references:to:from:subject:cc:message-id:date :content-transfer-encoding:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:dkim-signature; bh=fTFq1oXsviCBJHriwtkTXqBeRZicp1/ckivpVaybfRw=; fh=VprVMV46rqyqHLJmMqljmQTS9mxA3qNQc64VsogErt0=; b=LseWPgjFZJS63BbGMYskidY3Sr7+8c1P6uqrY7JAPOU9v0R6h2v6i9elVHLGrOxuS+ qtwdxR2dnUMABo4kdZ7RzJLCppfmnhT23snfcvFNV/rjrdNrcGzHwtUoZdv6D3yZsKe0 VBHdHJz35I4nD142wkjM1x+9V1DMEKnmw9E/vjlp1G665RIMrcGNmmLRgu7D6hz/JMEw rINwQzWH3dYRtfKp8Fu0gYXstJ4x2XC+sA9muvQfnZvrkJSxo5xvNf+lxlrCD83eT5t5 zQ2v0zaISutAH0BgMGzzNrth7kKqqEom+vA78YUFejQZ9NF/28qfROei7rYLwtnhzANG fL6Q==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=KraW8m6i; arc=pass (i=1 dkim=pass dkdomain=kernel.org); spf=pass (google.com: domain of linux-kernel+bounces-181531-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-181531-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from sv.mirrors.kernel.org (sv.mirrors.kernel.org. [2604:1380:45e3:2400::1]) by mx.google.com with ESMTPS id 41be03b00d2f7-6340b395268si16807300a12.222.2024.05.16.12.35.41 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 16 May 2024 12:35:41 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel+bounces-181531-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) client-ip=2604:1380:45e3:2400::1; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=KraW8m6i; arc=pass (i=1 dkim=pass dkdomain=kernel.org); spf=pass (google.com: domain of linux-kernel+bounces-181531-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-181531-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sv.mirrors.kernel.org (Postfix) with ESMTPS id AA1CE285537 for ; Thu, 16 May 2024 19:29:22 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 1A6AA15746E; Thu, 16 May 2024 19:29:13 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="KraW8m6i" Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 2C1B914533D; Thu, 16 May 2024 19:29:11 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1715887752; cv=none; b=BhJj43Vdy1gd5lQ0sWtpfNz+nL92Et3PXmR0GnTgMADTlFbaOzndem5Cq3w7TMlt4pSR2JtQRCNEH8uMEs9fvT1EE54kXa+rhKNhl1/dH0qOlHQrQIxaZKIv+1Wy9Gre2IUPwLWQu2Tpl8VTF0LDt9oNHensmu0gYEPb0cM8ab4= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1715887752; c=relaxed/simple; bh=l+TnYWVF0KiB/EPfOg0XC54NqzGKjS+BW+46urjM8Wg=; h=Mime-Version:Content-Type:Date:Message-Id:Cc:Subject:From:To: References:In-Reply-To; b=LHbgxEvA4JkdHTxlnnYZHNGrwxAsfCCsIb+UWUKtcJkss4nVsdBnfoYaUij4/Ckk5MhUUrqoL97fZAuXPKCf0IxGOtclm8b5XJv3BBUSLFZBSXGMGtjnVE9N0dNBL1V2YzeEVY/qyYwE04vkinJMjf2fjJ1eRZdN+a7OndE35Fs= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=KraW8m6i; arc=none smtp.client-ip=10.30.226.201 Received: by smtp.kernel.org (Postfix) with ESMTPSA id 7AE5AC32782; Thu, 16 May 2024 19:29:08 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1715887751; bh=l+TnYWVF0KiB/EPfOg0XC54NqzGKjS+BW+46urjM8Wg=; h=Date:Cc:Subject:From:To:References:In-Reply-To:From; b=KraW8m6ii7OcHIdzBD3dYTIf9cBeWQXW9h5fyUKVWYwV+7WH1BA3Um8zu7uVVmrIH m5djFd2CfRr6D/fV3miziNaYWvkcofGj3arGyCGLm+53p7TduIy+CLzUzkiLRJhnBE 38HcTCQleuRBN+lNKAIiEVLGYn5/GA+FYdtc3IpP559X5cp6RBC6u9V5OkpBQaWnfU XBWg6vDPOMTrm38Hf4qmOaT0As/UGr3u5PopZN50+TnJjCBcGMapPse/T3jBaSyAkL obJhh367vn1OPzNiaXBrcSp7j+tUVKF/VN2E0CYiQtmzIvR1hDsXxnAuygB42jrZ5m g6SBQyDuNn4Ew== Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=UTF-8 Date: Thu, 16 May 2024 22:29:06 +0300 Message-Id: Cc: , , , , Subject: Re: [PATCH 0/3] Introduce user namespace capabilities From: "Jarkko Sakkinen" To: "Casey Schaufler" , "Jonathan Calmels" , , , "Luis Chamberlain" , "Kees Cook" , "Joel Granados" , "Serge Hallyn" , "Paul Moore" , "James Morris" , "David Howells" X-Mailer: aerc 0.17.0 References: <20240516092213.6799-1-jcalmels@3xx0.net> <2804dd75-50fd-481c-8867-bc6cea7ab986@schaufler-ca.com> In-Reply-To: <2804dd75-50fd-481c-8867-bc6cea7ab986@schaufler-ca.com> On Thu May 16, 2024 at 10:07 PM EEST, Casey Schaufler wrote: > I suggest that adding a capability set for user namespaces is a bad idea: > - It is in no way obvious what problem it solves > - It is not obvious how it solves any problem > - The capability mechanism has not been popular, and relying on a > community (e.g. container developers) to embrace it based on this > enhancement is a recipe for failure > - Capabilities are already more complicated than modern developers > want to deal with. Adding another, special purpose set, is going > to make them even more difficult to use. What Inh, Prm, Eff, Bnd and Amb is not dead obvious to you? ;-) One UNs cannot hurt... I'm not following containers that much but didn't seccomp profiles supposed to be the silver bullet? BR, Jarkko