Re: -mm -> 2.6.13 merge status (fuse)
From: Miklos Szeredi
Date: Wed Jun 22 2005 - 13:00:34 EST
> I don't think this should be objectionable, since we already have
> times when root-owned tasks can get EACCESS when accessing some
> filesystem. This can happen with any distributed filesystem that
> enforces real security --- whether it be nfs-root-squash, or the
> Andrew Filesystem, or NFSv4. Root can get "permission denied" when
> some other userid with appropriate credentials would be allowed to
> access the file/directory.
Right.
> On the other hand, sometimes a root process, or some other user's
> process, might _want_ to give permission to allow a trusted FUSE
> filesystem the potential to monkey with it (return potentially
> untrusted information, or stop it entirely), in exchange for access to
> the filesystem. So it would be nice if there was some way that a
> process could tell the kernel that it is willing to give permission to
> allow certain FUSE filesystems to potentially affect it. Say, via a
> fnctl() call, perhaps.
Hmm. 'su' works for root.
How do you think fcntl() could be used? I think a task flag settable
via prctl() would be more appropriate.
Miklos
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/