APPLIED[Unstable]: [PATCH][SRU][DISCO][EOAN] UBUNTU: SAUCE: shiftfs: drop CAP_SYS_RESOURCE from effective capabilities

Seth Forshee seth.forshee at canonical.com
Mon Nov 11 23:57:33 UTC 2019


On Wed, Oct 23, 2019 at 02:23:50PM +0200, Christian Brauner wrote:
> BugLink: https://bugs.launchpad.net/bugs/1849483
> 
> Currently shiftfs allows one to exceed project quota and reserved space on
> e.g. ext2. See [1] and especially [2] for a bug report. This is very
> much not what we want. Quotas and reserved space settings set on the
> host need to be respected. The cause for this issue is overriding the
> credentials with the superblock creator's credentials whenever we
> perform operations such as fallocate() or writes while retaining
> CAP_SYS_RESOURCE.
> 
> The fix is to drop CAP_SYS_RESOURCE from the effective capability set
> after we have made a copy of the superblock creator's credential at
> superblock creation time. This very likely gives us more security than
> we had before and the regression potential seems limited. I would like
> to try this approach first before coming up with something potentially
> more sophisticated. I don't see why CAP_SYS_RESOURCE should become a
> limiting factor in most use-cases.
> 
> [1]: https://github.com/lxc/lxd/issues/6333
> [2]: https://github.com/lxc/lxd/issues/6333#issuecomment-545154838
> Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>

Applied to unstable/master, thanks!


