Re: FUSE merging?

From: Miklos Szeredi
Date: Fri Jul 01 2005 - 01:41:43 EST

Next message: Andrew Morton: "Re: FUSE merging?"
Previous message: Miklos Szeredi: "Re: FUSE merging?"
In reply to: Frank van Maarseveen: "Re: FUSE merging?"
Next in thread: Miklos Szeredi: "Re: FUSE merging?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> > - I don't recall seeing an exhaustive investigation of how an
> > unprivileged user could use a FUSE mount to implement DoS attacks against
> > other users or against root.
>
> You say
>
> "If a sysadmin trusts the users enough, or can ensure through other
> measures, that system processes will never enter non-privileged mounts,
> it can relax the last limitation with a "user_allow_other" config
> option. If this config option is set, the mounting user can add the
> "allow_other" mount option which disables the check for other users'
> processes."
>
> What config option, where?

Currently that's a userspace issue. There's a /etc/fuse.conf file,
with two options:

max_mounts=X
user_allow_other

The fusermount helper reads this file, and decides if passing the
'allow_other' mount option to the kernel is OK or not.

If we want unprivileged sys_mount() these will have to be checked in
kernel (set via sysfs, etc).

Miklos
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Andrew Morton: "Re: FUSE merging?"
Previous message: Miklos Szeredi: "Re: FUSE merging?"
In reply to: Frank van Maarseveen: "Re: FUSE merging?"
Next in thread: Miklos Szeredi: "Re: FUSE merging?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]