Re: -mm -> 2.6.13 merge status (fuse)
From: Pavel Machek
Date: Wed Jun 22 2005 - 04:07:44 EST
Hi!
> > > You have a choice of: 1) believe me that the current solution is
> > > fine
> >
> > > 2) get down and try to understand the damn thing, and then come up
> > > with technical arguments for/against it
> >
> > Argument is "it is **** ugly".
>
> Yeah, that's your opinion. Mine is that it's f****** beautiful ;).
>
> There are plenty of ugly things in Unix/Linux that you've become so
> accustomed to, that they no longer seem ugly. Think about the sticky
> bit on directories for example. That one was breaking assumptions
> left and right when it got introduced, but people came to accept it,
> because it's useful.
Just for the record, I still consider sticky bit "slightly" ugly and
nfs root squash "very" ugly.
> > Your fuse.txt explains why it is not security hole. It does not
> > explain why your interface is the best possible, and what alternative
> > ways of "not security hole" exist.
>
> That's because I don't see any alternative. The "preventing user from
> tracing root" and "preventing access to user's filesysem by root" must
> come together. There's doesn't seem to be any other way.
It is clear that we can't allow root (or anyone else) to access that
filesystem. Infinite namespace is nice trap.
> BTW, thanks for reading through fuse.txt :)
You are welcome ;-).
Pavel
--
teflon -- maybe it is a trademark, but it should not be.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/