On Thu, 15 Jul 1999 14:19:18 +0400, Grigory Lyahovitsky
<grigory@7ka.mipt.ru> said:
> Hello!
> I have written kernel module, which enables map disk image as device...
> i.e. I can do
> dd if=/dev/hda5 of=imghda5
> then I can map imghda5 as /dev/dg1 (for example)
You mean, just like the existing loopback device? You can already do
this, and mount supports it today: you could do
mount -o loop imghda5 /mnt/hda5
for example and the loopback device would be set up automatically.
> this device can be mounted using usual mount utility. But for the sake
> of security module checks pid of process, which try read/write
> something from /dev/dg1 if process with this pid is not a child of
> upper shell under which file was mapped to /dev/dg1, then access
> denied...
Unfortunately this goes completely against all unix permission checking
semantics. There is absolutely no support for anything like this inside
Linux right now.
> Theoretically, if root maps and then mounts some image in one console,
> then root from another console can't read this mount point... But
> naturally VFS saves readed directory structure in memory, so if, for
> example, first root entered into directory /aaa at this mount point,
> but not entered into directory /bbb, then second root will see the
> root of this mount point, content of /aaa, but will not see content of
> /bbb...
If you really need that, the way to do it would be through the VFS, by
implementing a new filesystem type. Do you _really_ need it that much?
If so, then the stackable filesystem templates would probably be a good
place to start.
--Stephen
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/