| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <5633d335-3926-d98f-d6d7-948b1e2a0b2c@metux.net> Date: Tue, 13 Feb 2018 22:19:48 +0000 From: Enrico Weigelt <lkml@...ux.net> To: "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org> Cc: Linux Containers <containers@...ts.linux-foundation.org> Subject: Re: plan9 semantics on Linux - mount namespaces On 13.02.2018 22:12, Enrico Weigelt wrote: CC @containers@...ts.linux-foundation.org > Hi folks, > > > I'm currently trying to implement plan9 semantics on Linux and > yet sorting out how to do the mount namespace handling. > > On plan9, any unprivileged process can create its own namespace > and mount/bind at will, while on Linux this requires CAP_SYS_ADMIN. > > What is the reason for not allowing arbitrary users to create their > own private mount namespace ? What could go wrong here ? > > IMHO, we could allow mount/bind under the following conditions: > > * the process is in a private mount namespace > * no suid-flag is honored (either force all mounts to nosuid or > completely mask it out) > * only certain whitelisted filesystems allowed (eg. 9P and FUSE) > > Maybe that all could be enabled by a new capability. > > > any suggestions ? > > > --mtx > -- Enrico Weigelt, metux IT consult Free software and Linux embedded engineering info@...ux.net -- +49-151-27565287
Powered by blists - more mailing lists