Re: -mm -> 2.6.13 merge status (fuse)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



> fuse
> 
>     This is useful, but there are, AFAIK, two issues:
> 
>     - We're still deadlocked over some permission-checking hacks in there

Oh, god.  Let me try to explain this again:

  - This is a security issue with unprivileged mounts

  - Since no other filesystem currently offers secure unpivileged
    mounts in Linux, this is something "new"

  - Since it's something new, there's a big resistance to acceptance.
    I understand this, I only ask people, to please read
    Documentation/filesystems/fuse.txt, before arguing against it

  - IMO it's not a hack, and it's not something that can be solved
    otherwise (no, private namespaces are NOT a solution, they are
    mosty orthogonal to this).

So I welcome constructive discussion.  However bear in mind, that I
definitely don't want to disable unprivileged mounts.  For me that is
_the_ most important feature of FUSE.

>     - It has an NFS server implementation which only works if the
>       to-be-served file happens to be in dcache.

More preciesly it relies on icache.

>       It has been said that a userspace NFS server can be used to
>       get full NFS server functionality with FUSE.  I think the
>       half-assed kernel implementation should be done away with.

I won't shed many tears if you drop fuse-nfs-export.patch.  It would
at least give the userspace solution some boost.

However the patch is pretty small, and despite it's flaws, I know it's
used by a number of people.

Thanks,
Miklos
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Stuff]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]     [Linux Resources]
  Powered by Linux