Re: [patch 0/8] unprivileged mount syscall

From: H. Peter Anvin
Date: Fri Apr 06 2007 - 20:23:45 EST

Next message: Andrew Morton: "Re: [patch 07/20] Allow paravirt backend to choose kernel PMDsharing"
Previous message: menage: "[PATCH 5/7] Containers (V8): Resource Groups over generic containers"
In reply to: Jan Engelhardt: "Re: [patch 0/8] unprivileged mount syscall"
Next in thread: Eric Van Hensbergen: "Re: [patch 0/8] unprivileged mount syscall"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Jan Engelhardt wrote:

On Apr 6 2007 16:16, H. Peter Anvin wrote:
- users can use bind mounts without having to pre-configure them in
/etc/fstab

This is by far the biggest concern I see. I think the security implication of
allowing anyone to do bind mounts are poorly understood.

$ whoami
miklos
$ mount --bind / ~/down_under

later that day:
# userdel -r miklos

So both the source (/) and target (~/down_under) directory must be owned by the user before --bind may succeed.

There may be other implications hpa might want to fill us in.

Consider backups, for example.

-hpa
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Andrew Morton: "Re: [patch 07/20] Allow paravirt backend to choose kernel PMDsharing"
Previous message: menage: "[PATCH 5/7] Containers (V8): Resource Groups over generic containers"
In reply to: Jan Engelhardt: "Re: [patch 0/8] unprivileged mount syscall"
Next in thread: Eric Van Hensbergen: "Re: [patch 0/8] unprivileged mount syscall"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]