On Thu, Jun 20, 2013 at 01:27:21PM +0100, Ben Hutchings wrote:
> On Thu, 2013-06-20 at 13:49 +0200, Alessandro Ghedini wrote:
> > Package: src:linux
> > Version: 3.9.6-1
> > Severity: wishlist
> >
> > Hi,
> >
> > would it be possible to enable the CONFIG_USER_NS option? AFAICT as of v3.10 all
> > the parts that needed converting have been converted. Is this correct? Are there
> > any other related concerns?
>
> This is not correct; XFS has not been converted.
Oh right, I missed that.
> And there are likely many more privilege escalation bugs related to
> users creating their own user-namespaces that haven't yet been
> discovered. I am reluctant to enable it again at this stage without
> limiting its use to root by default.
There's no urgency. For the time being I can rebuild linux with the option
enabled (and xfs disabled), but at some point, once it gets mature enough, it
would be nice to have it enabled by default.
Cheers
--
perl -E '$_=q;$/= @{[@_]};and s;\S+;<inidehG ordnasselA>;eg;say~~reverse'
Attachment:
signature.asc
Description: Digital signature