Re: [PATCH] private mounts

From: Miklos Szeredi
Date: Wed Apr 27 2005 - 03:51:57 EST

Next message: dipankar das: "Re: [kernel oops when locking the cluster using HAS]"
Previous message: dipankar das: "Re: [kernel oops when locking the cluster using HAS]"
In reply to: Pavel Machek: "Re: [PATCH] private mounts"
Next in thread: Pavel Machek: "Re: [PATCH] private mounts"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> > > Could we get root-only fuse in, please?
> >
> > chmod u-s /usr/bin/fusermount
>
> :-)))). I meant merging patches that are not controversial into
> mainline. AFAICT only controversial pieces are "make it safe for
> non-root users"...

This is the controversial part in all it's glory:

if (!(fc->flags & FUSE_ALLOW_OTHER) && current->fsuid != fc->user_id)
return -EACCES;

Leaving it out would gain us what exactly?

I'm not trying to say that this is somehow better than the
pam+shared-subtrees solution discuseed. That certainly has advantages
over this (e.g. suid programs get permission to fuse mounted
filesystems).

But leaving it out makes no sense. Zero, zilch, none.

Maybe I'm totally dumb, but I just don't get Christoph's argument.

Thanks,
Miklos
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: dipankar das: "Re: [kernel oops when locking the cluster using HAS]"
Previous message: dipankar das: "Re: [kernel oops when locking the cluster using HAS]"
In reply to: Pavel Machek: "Re: [PATCH] private mounts"
Next in thread: Pavel Machek: "Re: [PATCH] private mounts"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]