Re: [RFC PATCH 0/5] keys: Security changes, ACLs and Container keyring
From: Eric W. Biederman
Date: Sun Jul 19 2020 - 14:13:06 EST
David Howells <dhowells@xxxxxxxxxx> writes:
> Here are some patches to provide some security changes and some container
> support:
Nacked-by: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
There remain unfixed security issues in the new mount api. Those need
to get fixed before it is even worth anyones time reviewing new code.
Those issues came up in the review. I successfully demonstrated how to
address the security issues in the new mount api before the code was
merged. Yet the code was merged with the security issues present,
and I have not seem those issues addressed.
So far I have had to rewrite two filesystems because of bugs in the
mount API.
Enough is enough. Let's get the what has already been merged sorted
out before we had more.
Eric