Re: [PATCH 1/3] implement uid and gid mount options for ext2

From: Eric W. Biederman
Date: Thu Aug 02 2012 - 09:01:35 EST


Alan Cox <alan@xxxxxxxxxxxxxxxxxxx> writes:

>> +uid=n[:m] Make all files appear to belong to uid n.
>> + Useful for e.g. removable media with fstab
>> + options 'user,uid=useruid'. The optional second
>> + uid m is actually written to the file system.
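
Review bot: The uid=n[:m] description recommends the option for removable media with 'user,uid=useruid' but does not say how device nodes or setuid files on the medium are treated once every file appears to belong to uid n; the text should state whether nodev and nosuid are required or implied for this use. It should also say which uid is written to the file system when the optional second uid m is omitted.
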
>
> So what happens if I insert a USB key containing a device node to the
> hard disk ? Why is this functionality useful in the current form ?
>
> (ie I think you need an actual rational security model first)

> Also why is this at the per fs level duplicating stuff each time rather
> than at the vfs level - this seems to be vfs level functionality.

Even more fun, there is essentially a generic implementation in the user
namespaces. What needs to be implemented to support this is support for
mounting in a non-default user namespace, and then all of the mapping
functionality is generic. Which I presume will imply MS_NODEV.

Eric