| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 28 May 2014 11:26:55 +0200 From: Seth Forshee <seth.forshee@...onical.com> To: "Eric W. Biederman" <ebiederm@...ssion.com> Cc: LXC development mailing-list <lxc-devel@...ts.linuxcontainers.org>, Serge Hallyn <serge.hallyn@...ntu.com>, Jens Axboe <axboe@...nel.dk>, Serge Hallyn <serge.hallyn@...onical.com>, Arnd Bergmann <arnd@...db.de>, Greg Kroah-Hartman <gregkh@...uxfoundation.org>, linux-kernel@...r.kernel.org, James Bottomley <James.Bottomley@...senPartnership.com> Subject: Re: [lxc-devel] [RFC PATCH 00/11] Add support for devtmpfs in user namespaces On Fri, May 23, 2014 at 03:23:50PM -0700, Eric W. Biederman wrote: > Serge Hallyn <serge.hallyn@...ntu.com> writes: > > > Quoting Eric W. Biederman (ebiederm@...ssion.com): > >> > >> > >> >> Ultimately the technical challenge is how do we create a block device > >> >> that is safe for a user who does not have any capabilities to use, and > >> >> what can we do with that block device to make it useful. > >> > > >> > Yes, and I'd like to get started solving those challenges. But I also > >> > don't think we can address these two points (support partition blkdevs, > >> > help prevent more priveleged users from using a namespace's loop > >> > devices) sufficiently while having an implementation completely > >> > contained within the loop driver as Greg is requesting. > >> > >> My key take away from the conversation is that we should reduce the > >> scope of what is being done to something that makes sense and the > >> propblems are immediately visible. > >> > >> Part of me would like to suggest that fuse and it's ability to imitate > >> device nodes might be a more appropriate solution, to something that > > > > Do you have a link to more info on this? Some googling got me to an > > interesting but old thread on CUSE, but nothing specifically about fuse > > doing this. > > CUSE is probably what I was thinking of. It is all part of the fuse > code base in the kernel. And now that I am reminded it is called CUSE > I go Duh that is a character device... > > Fuse and everything it can do is definitely the filesystem I would like > to see most have the audits to be enabled in user namespace. Fuse > was built to be sufficiently paranoid to allow this and so it should not > take a lot to take fuse the rest of the way. I was aware of FUSE but hadn't ever looked at it much. Looking at it now, this isn't going to satisfy any of the use cases I know about, which are wanting to use filesystems supported in-kernel (isofs, ext*). I don't see that any of these have a FUSE implementation, and I think we gain more from figuring out how to use in-kernel filesystems in containers than trying to find a way to shoehorn selected filesystems into FUSE. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists