 Linus Torvalds
|
87c31b39ab
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace
|
10 years ago |
 Eric W. Biederman
|
36476beac4
userns; Correct the comment in map_write
|
10 years ago |
|
Eric W. Biederman
|
66d2f338ee
userns: Allow setting gid_maps without privilege when setgroups is disabled
|
10 years ago |
|
Eric W. Biederman
|
9cc46516dd
userns: Add a knob to disable setgroups on a per user namespace basis
|
10 years ago |
|
Eric W. Biederman
|
f0d62aec93
userns: Rename id_map_mutex to userns_state_mutex
|
10 years ago |
|
Eric W. Biederman
|
f95d7918bd
userns: Only allow the creator of the userns unprivileged mappings
|
10 years ago |
|
Eric W. Biederman
|
80dd00a237
userns: Check euid no fsuid when establishing an unprivileged uid mapping
|
10 years ago |
|
Eric W. Biederman
|
be7c6dba23
userns: Don't allow unprivileged creation of gid mappings
|
10 years ago |
|
Eric W. Biederman
|
273d2c67c3
userns: Don't allow setgroups until a gid mapping has been setablished
|
10 years ago |
|
Eric W. Biederman
|
0542f17bf2
userns: Document what the invariant required for safe unprivileged mappings.
|
10 years ago |
 Al Viro
|
33c429405a
copy address of proc_ns_ops into ns_common
|
10 years ago |
|
Al Viro
|
6344c433a4
new helpers: ns_alloc_inum/ns_free_inum
|
10 years ago |
|
Al Viro
|
64964528b2
make proc_ns_operations work with struct ns_common * instead of void *
|
10 years ago |
|
Al Viro
|
3c04118461
switch the rest of proc_ns_operations to working with &...->ns
|
10 years ago |
|
Al Viro
|
435d5f4bb2
common object embedded into various struct ....ns
|
10 years ago |
 Fabian Frederick
|
ccf94f1b4a
proc: constify seq_operations
|
11 years ago |
|
Fabian Frederick
|
68a9a435e4
kernel/user_namespace.c: kernel-doc/checkpatch fixes
|
11 years ago |
 Mikulas Patocka
|
e79323bd87
user namespace: fix incorrect memory barriers
|
11 years ago |
 Paul Gortmaker
|
c96d6660dc
kernel: audit/fix non-modular users of module_init in core code
|
11 years ago |
 Brian Campbell
|
b080e047a6
user_namespace.c: Remove duplicated word in comment
|
11 years ago |
 David Howells
|
f36f8c75ae
KEYS: Add per-user_namespace registers for persistent per-UID kerberos caches
|
12 years ago |
|
Linus Torvalds
|
c7c4591db6
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace
|
12 years ago |
|
Eric W. Biederman
|
e51db73532
userns: Better restrictions on when proc and sysfs can be mounted
|
12 years ago |
 Oleg Nesterov
|
8742f229b6
userns: limit the maximum depth of user_namespace->parent chain
|
12 years ago |
|
Oleg Nesterov
|
6160968cee
userns: unshare_userns(&cred) should not populate cred on failure
|
12 years ago |
|
Linus Torvalds
|
20b4fb4852
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
|
12 years ago |
|
David Howells
|
0bb80f2405
proc: Split the namespace stuff out into linux/proc_ns.h
|
12 years ago |
 Andy Lutomirski
|
41c21e351e
userns: Changing any namespace id mappings should require privileges
|
12 years ago |
|
Andy Lutomirski
|
e3211c120a
userns: Check uid_map's opener's fsuid, not the current fsuid
|
12 years ago |
|
Eric W. Biederman
|
6708075f10
userns: Don't let unprivileged users trick privileged users into setting the id_map
|
12 years ago |
