Re: [RCF] [PATCH] unprivileged mount/umount

From: Bodo Eggert
Date: Wed May 11 2005 - 14:35:37 EST

Next message: Ram: "Re: [RCF] [PATCH] unprivileged mount/umount"
Previous message: Steven Rostedt: "Re: BUGs in 2.6.12-rc2-RT-V0.7.45-01"
In reply to: Jamie Lokier: "Re: [RCF] [PATCH] unprivileged mount/umount"
Next in thread: Jamie Lokier: "Re: [RCF] [PATCH] unprivileged mount/umount"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, 11 May 2005, Jamie Lokier wrote:
> Bodo Eggert <harvested.in.lkml@xxxxxxxxxxxxxxxxxxxxxxxxxx> wrote:

> > > How about a new clone option "CLONE_NOSUID"?
> >
> > IMO, the clone call ist the wrong place to create namespaces. It should be
> > deprecated by a mkdir/chdir-like interface.
>
> And the mkdir/chdir interface already exists, see "cd /proc/NNN/root".

If you want persistent namespaces, this will be a PITA (I don't want a
keep-the-namespace-open-daemon), and if you don't, it will be racy
(user a logs in, while his second/nth login expires).

Keeping a list of named namespaces in kernel can be made cheap and secure.
--
Friendly fire isn't.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Ram: "Re: [RCF] [PATCH] unprivileged mount/umount"
Previous message: Steven Rostedt: "Re: BUGs in 2.6.12-rc2-RT-V0.7.45-01"
In reply to: Jamie Lokier: "Re: [RCF] [PATCH] unprivileged mount/umount"
Next in thread: Jamie Lokier: "Re: [RCF] [PATCH] unprivileged mount/umount"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]