lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Mon, 18 Sep 2017 13:47:10 -0700
From:   Ram Pai <>
To:     Dawid Ciezarkiewicz <>
Subject: Re: Read-only `slaves` with shared subtrees?

On Fri, Sep 15, 2017 at 10:57:30AM -0700, Dawid Ciezarkiewicz wrote:
> Hi,
> (Please keep me in CC me when responding.)
> I have an use-case for shared subtrees that is not covered by:
> and I wasn't able to figure out any working solution - it might not be possible
> ATM.
> Long story short:
> I'd like the `slave` mount (service in a container) to mount propagated events
> as RO, no matter how did `master` (host) mount them. Host might need that data
> RW, but slave must have it RO only.
> I'm using Linux containers to isolate processes. I need the container
> to follow part of the host system mount tree, but not have a write-access to it
> (for security reasons). It's a trivial setup as long
> as everything is static, but as soon as a part of what the container needs
> to access is mounted/unmounted at runtime (and thus shared subtrees
> are involved),
> there seems to be no way to control the flags of the propagated mount events.

It is possible to make a slave mount readonly, by  remounting it with
'ro' flags.

something like

mount -o bind,remount,ro <slave-mount-dir>

Any mount-propagation events reaching a read-only-slave does 
inherit the slave attribute. However it does not inherit the
read-only attribute.

Should it inherit? or should it not? -- that has not been thought
off AFAICT. it think we should let it inherit.


Powered by blists - more mailing lists