Re: per-process namespace?

From: viro
Date: Tue Jun 29 2004 - 17:11:36 EST

Next message: Bill Davidsen: "Re: Disk copy, last sector problem"
Previous message: Martin Schlemmer: "Re: 2.6.7-mm1 - 2.6.7-mm4 weird http behavior"
In reply to: Mike Waychison: "Re: per-process namespace?"
Next in thread: Ram Pai: "Re: per-process namespace?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Jun 29, 2004 at 05:10:21PM -0400, Mike Waychison wrote:
> Another caveat is that the current system disallows you from doing any
> mount/umount's in another namespace (bogus security?).

Nothing bogus here - namespace boundary _IS_ a trust boundary and that's
exactly the diference between symlinks and bindings - symlink attacks
are possible exactly because they allow you to modify visible tree topology
for other users.

Note that sharing parts of namespace (which is basically what automounter
wants and what we do not have yet) is deliberate act of trust - same as
having a part of your address space shared with other process.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Bill Davidsen: "Re: Disk copy, last sector problem"
Previous message: Martin Schlemmer: "Re: 2.6.7-mm1 - 2.6.7-mm4 weird http behavior"
In reply to: Mike Waychison: "Re: per-process namespace?"
Next in thread: Ram Pai: "Re: per-process namespace?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]