Containerize ptrace and kill

Registered by Serge Hallyn

User namespaces are not sufficiently implemented to prevent ptrace
and kill between user namespaces. The work to do this has largely
been done
(http://git.kernel.org/?p=linux/kernel/git/sergeh/linux-cr.git;a=shortlog;h=refs/heads/userns.feb16.1)
but needs to be guided upstream, presumably with copious cleanup and
rework.

Doing this work will prevent a task in a child user namespace from
ptracing or killing tasks in the parent namespace, even if the ptracing
task is owned by root or the same uid as the target task in the
parent user namespace.

Blueprint information

Status:
Complete
Approver:
Robbie Williamson
Priority:
High
Drafter:
Serge Hallyn
Direction:
Approved
Assignee:
Serge Hallyn
Definition:
Approved
Series goal:
Accepted for natty
Implementation:
Implemented
Milestone target:
milestone icon natty-alpha-2
Started by
Robbie Williamson
Completed by
Robbie Williamson

Related branches

Sprints

Whiteboard

Status: not yet started

Complexity:

Work Items:

[serge-hallyn] forward-port existing userns patchset: DONE
[serge-hallyn] prune out extra functionality: DONE
[serge-hallyn] extensive testing: DONE
[serge-hallyn] post targeted capabilities: DONE
[serge-hallyn] Add ptrace checks: DONE
[serge-hallyn] tweak patchset according to community feedback: DONE
[serge-hallyn] Add and post setuid checks: DONE
[serge-hallyn] Implement VFS userns checks (without policy) : DONE
[serge-hallyn] push upstream: DONE
[serge-hallyn] post basic POC VFS user namespaces support: DONE

https://wiki.ubuntu.com/UserNamespace has a development plan.

(?)

Work Items

Dependency tree

* Blueprints in grey have been implemented.

This blueprint contains Public information 
Everyone can see this information.