| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20080807222751.GA28412@us.ibm.com> Date: Thu, 7 Aug 2008 17:27:51 -0500 From: "Serge E. Hallyn" <serue@...ibm.com> To: Miklos Szeredi <miklos@...redi.hu> Cc: akpm@...ux-foundation.org, hch@...radead.org, viro@...IV.linux.org.uk, linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org, "Eric W. Biederman" <ebiederm@...ssion.com> Subject: Re: unprivileged mounts git tree Quoting Miklos Szeredi (miklos@...redi.hu): > Here's a git tree of the unprivileged mounts patchset: > > git://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/vfs.git unprivileged-mounts > > Could this be added to -mm (and dropped if it's in the way of > something) for some testing and added visibility until it's reviewed > by Christoph/Al? > > I'm not reposting the whole patchset, since it's essentially the same > as the last submission, only updated to the latest git. But if > somebody wants it I can post them. > > Thanks, > Miklos > > > Documentation/filesystems/fuse.txt | 88 ++++++++- > Documentation/filesystems/proc.txt | 40 ++++ > fs/filesystems.c | 60 ++++++ > fs/fuse/inode.c | 21 ++ > fs/internal.h | 3 +- > fs/namespace.c | 366 +++++++++++++++++++++++++++--------- > fs/pnode.c | 22 ++- > fs/pnode.h | 2 + > fs/super.c | 26 --- > include/linux/fs.h | 7 + > include/linux/mount.h | 4 + > kernel/sysctl.c | 16 ++ > 12 files changed, 527 insertions(+), 128 deletions(-) > > Miklos Szeredi (10): > unprivileged mounts: add user mounts to the kernel > unprivileged mounts: allow unprivileged umount > unprivileged mounts: propagate error values from clone_mnt > unprivileged mounts: account user mounts > unprivileged mounts: allow unprivileged bind mounts > unprivileged mounts: allow unprivileged mounts > unprivileged mounts: add sysctl tunable for "safe" property > unprivileged mounts: make fuse safe > unprivileged mounts: propagation: inherit owner from parent > unprivileged mounts: add "no submounts" flag Hi Miklos, so on the bright side I pulled this tree today and it compiled and passed ltp with no problems. But then I played around a bit and found I could do the following: (hmm, i'm trying to remember the exact order :) as root: mmount --bind -o user=500 /home/hallyn/etc/ /home/hallyn/etc/ mount --bind /mnt /mnt mount --make-rshared /mnt mount --bind /dev /mnt/dev as hallyn: mmount --bind /mnt /home/hallyn/etc/mnt /usr/src/mmount-0.3/mmount --bind mnt/dev mnt/src Now /mnt/src contained /dev. Is this what we want? Do we want to tell the admin it's his fault for not somehow forcing a slave relationship between /mnt and /home/hallyn/etc/mnt? Except I don't think he can do that preemptively, it has to be done after hallyn does the mmount. So does that mean that if non-root user X does: mount a b where b is user=X but a is not, then if a is shared we should force it to be mounted as slave at b? -serge -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists