diff options
author | Helmut Grohne <helmut@subdivi.de> | 2024-05-10 18:21:21 +0200 |
---|---|---|
committer | Helmut Grohne <helmut@subdivi.de> | 2024-05-10 18:21:21 +0200 |
commit | 9fea618481256122c1bd2a62ec382623b7528865 (patch) | |
tree | 8b4ae2de2d8dd11ca93aef93e196524869e1b085 /linuxnamespaces | |
parent | c45a83883625ea5226bace08e72f45782e31c29f (diff) | |
download | python-linuxnamespaces-9fea618481256122c1bd2a62ec382623b7528865.tar.gz |
Revert "examples/chroottar.py: harden against tars with high uids"
This reverts commit a169f51420795a212c3226f455e783ab8ac5cf47.
We really deal with two user namespaces. The initial/parent process maps
the target id range plus the current user id. The child process that
executes the workload only maps the target id range without the current
user id. The child opens the tar file while it still is in the initial
namespace, then unshares and once it only has the subid range mapped, it
performs the extraction. No clamping is necessary at this point. The
parent process maps additionally maps the current id in order to write
the tar file.
Diffstat (limited to 'linuxnamespaces')
0 files changed, 0 insertions, 0 deletions