Re: -mm -> 2.6.13 merge status (fuse)
From: Miklos Szeredi
Date: Tue Jun 21 2005 - 05:24:40 EST
> fuse
>
> This is useful, but there are, AFAIK, two issues:
>
> - We're still deadlocked over some permission-checking hacks in there
Oh, god. Let me try to explain this again:
- This is a security issue with unprivileged mounts
- Since no other filesystem currently offers secure unpivileged
mounts in Linux, this is something "new"
- Since it's something new, there's a big resistance to acceptance.
I understand this, I only ask people, to please read
Documentation/filesystems/fuse.txt, before arguing against it
- IMO it's not a hack, and it's not something that can be solved
otherwise (no, private namespaces are NOT a solution, they are
mosty orthogonal to this).
So I welcome constructive discussion. However bear in mind, that I
definitely don't want to disable unprivileged mounts. For me that is
_the_ most important feature of FUSE.
> - It has an NFS server implementation which only works if the
> to-be-served file happens to be in dcache.
More preciesly it relies on icache.
> It has been said that a userspace NFS server can be used to
> get full NFS server functionality with FUSE. I think the
> half-assed kernel implementation should be done away with.
I won't shed many tears if you drop fuse-nfs-export.patch. It would
at least give the userspace solution some boost.
However the patch is pretty small, and despite it's flaws, I know it's
used by a number of people.
Thanks,
Miklos
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/