Re: [RFC][PATCH 00/20] Mount writer count and read-only bind mounts(v2)

[Grzegorz Kulewski]

On Fri, 16 Jun 2006, Dave Hansen wrote:
> On Sat, 2006-06-17 at 01:29 +0200, Grzegorz Kulewski wrote:
> > Isn't this some kind of security risk (at least in my planned use)? I mean
> > - for a small fraction of second somebody seeing /dest can write
> > /source... No?
>
> I assume you're talking about this kind of situation:
>
> mount --bind /local/writable/dir /chroot/untrusted/area/
> mount --o remount,ro /chroot/untrusted/area/

Well, actually about some kind of VPS: openvz or something like that. But 
yes, this is the same kind of scenario.


> This has no r/w window in the chroot area:
>
> mount --bind /local/writable/dir /tmp/area/
> mount --o remount,ro /tmp/area/
> mount --bind /tmp/area/ /chroot/untrusted/area/
> umount /tmp/area/

Well, it looks a little scarry and complicated at first. And probably 
requires you to know that semantic of --bind lets you do the last unmount. 
But if you are saying that this makes kernel smaller, faster and less 
buggy then you are probably very right.


Thank you for your explanation,

Grzegorz Kulewski

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/