Re: [RFC 4/5] user namespaces: allow killing tasks in your own or child userns

"Serge E. Hallyn" <serge@hallyn.com> writes:

quoted text

> Changelog: > Dec 8: Fixed bug in my check_kill_permission pointed out by > Eric Biederman. > Dec 13: Apply Eric's suggestion to pass target task into kill_ok_by_cred() > for clarity > > Signed-off-by: Serge E. Hallyn <serge.hallyn@canonical.com> > --- > kernel/signal.c | 33 ++++++++++++++++++++++++++++----- > 1 files changed, 28 insertions(+), 5 deletions(-) > > diff --git a/kernel/signal.c b/kernel/signal.c > index 4e3cff1..499bd36 100644 > --- a/kernel/signal.c > +++ b/kernel/signal.c > @@ -659,11 +686,7 @@ static int check_kill_permission(int sig, struct siginfo *info, > cred = current_cred(); > tcred = __task_cred(t);

Nit pick you don't need to compute cred and tcred here now.

quoted text

> if (!same_thread_group(current, t) && > - (cred->euid ^ tcred->suid) && > - (cred->euid ^ tcred->uid) && > - (cred->uid ^ tcred->suid) && > - (cred->uid ^ tcred->uid) && > - !capable(CAP_KILL)) { > + !kill_ok_by_cred(t)) { > switch (sig) { > case SIGCONT: > sid = task_session(t);

unsubscribe notice

To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/


linux-kernel:
Paul Turner	[tg_shares_up rewrite v4 11/11] sched: update tg->shares after cpu.shares write
Mr. James W. Laferriere	Re: Linux 2.6.25-rc1 , syntax error near unexpected token `;'
Chuck Ebbert	Re: PCI: Unable to reserve mem region problem
Linus Torvalds	Linux 2.6.34-rc4
Mingming Cao	Re: [RFC 1/4] Large Blocksize support for Ext2/3/4
git:
Ralf Wildenhues	[PATCH] Fix typos in the documentation
Len Brown	Re: fatal: unable to create '.git/index': File exists
Adeodato	Bazaar's patience diff as GIT_EXTERNAL_DIFF
Denis Bueno	Git clone error
Johannes Schindelin	Re: [PATCH 2/4] Add functions get_relative_cwd() and is_inside_dir()
git-commits-head:
Linux Kernel Mailing List	ASoC: fix registration of the SoC card in the Freescale MPC8610 drivers
Linux Kernel Mailing List	drivers/acpi: use kasprintf
Linux Kernel Mailing List	nfsd41: sanity check client drc maxreqs
Linux Kernel Mailing List	bnx2x: Moving includes
Linux Kernel Mailing List	V4L/DVB: gspca - sonixj: Adjust minor values of sensor ov7630. - set the color ga...
openbsd-misc:
Sevan / Venture37	Re: This is what Linus Torvalds calls openBSD crowd
Netmaffia.hu	Tini Lányok AKCIÓBAN OTTHON
Sam Fourman Jr.	Re: Help with Altell PC6700
Siju George	This is what Linus Torvalds calls openBSD crowd
Darrin Chandler	Re: OT: Python (was Re: vi in /bin)
linux-netdev:
Kurt Van Dijck	Re: [PATCH net-next-2.6 1/2] can: add driver for Softing card
Eric Dumazet	Re: [PATCH net-next-2.6] net: Introduce skb_orphan_try()
Jamie Lokier	Re: POHMELFS high performance network filesystem. Transactions, failover, performa...
Jarek Poplawski	Re: socket api problem: can't bind an ipv6 socket to ::ffff:0.0.0.0
David Miller	Re: [PATCH v2] net: typos in comments in include/linux/igmp.h