Re: [PATCH 02/11] mtd: Check permissions towards mtd block device inode when mounting

From: Richard Weinberger
Date: Sat Dec 23 2017 - 07:56:24 EST


Dongsu,

Am Samstag, 23. Dezember 2017, 13:18:30 CET schrieb Dongsu Park:
> Hi,
>
> On Fri, Dec 22, 2017 at 10:06 PM, Richard Weinberger
>
> <richard.weinberger@xxxxxxxxx> wrote:
> > Dongsu,
> >
> > On Fri, Dec 22, 2017 at 3:32 PM, Dongsu Park <dongsu@xxxxxxxxxx> wrote:
> >> From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
> >>
> >> Unprivileged users should not be able to mount mtd block devices
> >> when they lack sufficient privileges towards the block device
> >> inode. Update mount_mtd() to validate that the user has the
> >> required access to the inode at the specified path. The check
> >> will be skipped for CAP_SYS_ADMIN, so privileged mounts will
> >> continue working as before.
> >
> > What is the big picture of this?
> > Can in future an unprivileged user just mount UBIFS?
>
> I'm not sure I'm aware of all use cases w.r.t mtd & ubifs.
> To my understanding, in these days many container runtimes allow
> unprivileged users to run containers. (docker, lxc, runc, bubblewrap, etc)
> That's why the kernel should deal with additional permission checks
> that might have not been necessary in the past.
> This MTD patch is one of those special cases.

My fear is that a corner case is forgotten and all of a sudden someone can do
funky things with MTD in a container...

Thanks,
//richard