[PATCH RESEND v5 0/5] namei: vfs flags to restrict path resolution
Aleksa Sarai
cyphar at cyphar.com
Thu Apr 25 19:45:25 UTC 2019
On 2019-04-25, Aleksa Sarai <cyphar at cyphar.com> wrote:
> On 2019-04-23, Kees Cook <keescook at chromium.org> wrote:
> > This series provides solutions to so many different race and confusion
> > issues, I'd really like to see it land. What's the next step here? Is
> > this planned to go directly to Linus for v5.2, or is it going to live
> > in -mm for a while? I'd really like to see this moving forward.
>
> Given some of the security requirements of this interface, I think
> getting it to live in -mm wouldn't be a bad idea so folks can shake the
> bugs out before it's depended on by container runtimes.
Scratch my mention of -mm, it should be in Al's tree since it touches
quite a few of the namei seqlocks. My point was that it should live in
someone's tree for a little bit before it goes into a release.
I will put together a PoC of a resolveat(2) variation of this series and
re-send it out with both versions.
--
Aleksa Sarai
Senior Software Engineer (Containers)
SUSE Linux GmbH
<https://www.cyphar.com/>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://lists.linuxfoundation.org/pipermail/containers/attachments/20190426/7b6859c4/attachment.sig>
More information about the Containers
mailing list