REVERTED: APPLIED: [PATCH Quantal CVE] userns: Changing any namespace id mappings should require privileges

Tim Gardner tim.gardner at canonical.com
Fri Jun 28 13:29:26 UTC 2013


On 06/28/2013 06:54 AM, Tim Gardner wrote:
> Um, file_ns_capable() does not exist in Quantal
> 

A little further investigation indicates that USER_NS depends on
UIDGID_CONVERTED. In order to satisfy _that_ dependency we'd have to
disable most of the useful features in the kernel.

This CVE patch is dependent on 935d8aabd4331f47a89c3e1daa5779d23cf244ee
(which _does_ apply and compile), but I'm questioning whether this CVE
even impacts Quantal in the first place. It certainly does not seem to
given or set of configs.

rtg
-- 
Tim Gardner tim.gardner at canonical.com




More information about the kernel-team mailing list