Miklos Szeredi wrote:
This (lightly tested) patch against 2.6.12-rc* adds some
infrastructure and basic functionality for unprivileged mount/umount
system calls.
Details:
- new mnt_owner field in struct vfsmount
- if mnt_owner is NULL, it's a privileged mount
- global limit on unprivileged mounts in /proc/sys/fs/mount-max
- per user limit of mounts in rlimit
- allow umount for the owner (except force flag)
- allow unprivileged bind mount to files/directories writable by owner
- add nosuid,nodev flags to unprivileged mounts
Next step would be to add some policy for new mounts. I'm thinking of
either something static: e.g. FS_SAFE flag for "safe" filesystems, or
a more configurable approach through sysfs or something.
Comments?
Are these public or private mounts? In other words, is the mount visible
only to the mounting process and children, or is it visible to (and can
effect) other processes. Clearly true private mounts open uses with
chroot jails and virtualization.
--
-bill davidsen ([email protected])
"The secret to procrastination is to put things off until the
last possible moment - but no longer" -me
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]