Re: [PATCH] private mounts

From: Miklos Szeredi
Date: Thu Apr 28 2005 - 02:28:56 EST

Next message: Li Shaohua: "Re: [PATCH 6/6]suspend/resume SMP support"
Previous message: Andrew Morton: "Re: [PATCH 6/6]suspend/resume SMP support"
In reply to: Bill Davidsen: "Re: [PATCH] private mounts"
Next in thread: Miklos Szeredi: "Re: [PATCH] private mounts"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> I think you point out a solution could be worse that what it cures.
> There are clearly problems with mount over, but imagine that a user does
> an invisible mount over /mnt, doesn't that prevent other mounts which
> are usually made, like /mnt/cdrom, /mnt/loopN, etc?

As previously explained, user mounts are only allowed on directories
for which the user has full write access. Exactly for this reason.

> Every time someone suggests a solution it seems to open a new path to
> possible abuse. And features which only work with a monotonic kernel
> rather than modules would seem to indicate that the feature is nice but
> the implementation might benefit from more thinking time.

Huh? Where did modularitly come into this?

> Frankly the whole statement that the controversial code MUST go in now
> and could be removed later sounds like a salesman telling me I MUST sign
> the contract today, but he will let me out of it if I decide it was a
> mistake.

The point of this thread is to find a solution to a problem. The
discussion is turning up very interesting viewpoints and I'm
understanding the problem better and better, and I think other people
are too.

While I disagree with the view taken by Christoph H., I'm now also
thankful to him for stiring up the mud, because it ended up with a lot
of useful ideas.

In the end I'd like a solution that everybody is happy with. That
means I'm not going to give up searching because someone said, that
the current solution is crappy.

Do you understand my position?

> I'm not against the feature, but a lot of people I consider competent
> seem to find the implementation controversial, which argues for waiting
> until more eyes are on the code.

Yes. I'm not going to ask Andrew to merge the code until I feel that
everybody concerned is happy with it. No matter how many release
cycles it takes.

> If the rest of the code is useless without the controversial part,
> maybe it should all stay a patch to use or not as people decide.

It has been distributed separately from the kernel for 3 years now.
So people _can_ try it out.

Thanks,
Miklos
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Li Shaohua: "Re: [PATCH 6/6]suspend/resume SMP support"
Previous message: Andrew Morton: "Re: [PATCH 6/6]suspend/resume SMP support"
In reply to: Bill Davidsen: "Re: [PATCH] private mounts"
Next in thread: Miklos Szeredi: "Re: [PATCH] private mounts"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]