Re: [PATCH] cifs: handle termination of cifs oplockd kernel thread

From: Christoph Hellwig
Date: Sat Apr 30 2005 - 03:31:46 EST

On Sat, Apr 30, 2005 at 10:14:07AM +0200, Miklos Szeredi wrote:
> > Except that we don't have the concept of a mount owner at the VFS level
> > right now, because everyone is adding stupid suid wrapper hacks instead
> > of trying to fix the problems for real.
> Having a mount owner is not a problem. Having a good policy for
> accepting mounts is rather more so, according to some:
> Just a little taste of what that policy would involve:
> - global limit on user mounts

I don't think we need that one.

> - possibly per user limit on mounts

Makes sense as an ulimit, that way the sysadmin can easily disable the
user mount feature aswell.

> - acceptable mountpoints (unlimited writablity is probably a good minimum)


> - acceptable mount options (nosuid, nodev are obviously not)

noexecis a bit too much, so the above look good.

> - filesystems "safe" to mount by users

what filesystem do you think is unsafe?

- virtual filesystems exporting kernel data are obviously safe as
they enforce permissions no matter who mounted them. (actually we'd
need to check for some odd mount options)

- block-based filesystems should be safe as long as the mounter has
access to the underlying block device

- network/userspace filesystems should be fine aswell

To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at
Please read the FAQ at