Re: [patch 8/9] unprivileged mounts: propagation: inherit owner from parent

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

To: <serue@...>

Cc: <miklos@...>, <akpm@...>, <hch@...>, <serue@...>, <viro@...>, <ebiederm@...>, <kzak@...>, <linux-fsdevel@...>, <linux-kernel@...>, <containers@...>, <util-linux-ng@...>

Subject: Re: [patch 8/9] unprivileged mounts: propagation: inherit owner from parent

Date: Tuesday, January 15, 2008 - 6:39 am

> Quoting Miklos Szeredi (miklos@szeredi.hu):
quoted text> > From: Miklos Szeredi <mszeredi@suse.cz>
> > 
> > On mount propagation, let the owner of the clone be inherited from the
> > parent into which it has been propagated.  Also if the parent has the
> > "nosuid" flag, set this flag for the child as well.
> 
> What about nodev?

Hmm, I think the nosuid thing is meant to prevent suid mounts being
introduced into a "suidless" namespace.  This doesn't apply to dev
mounts, which are quite safe in a suidless environment, as long as the
user is not able to create devices.  But that should be taken care of
by capability tests.

I'll update the description.

Thanks,
Miklos
--
unsubscribe noticeTo unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:

[patch 8/9] unprivileged mounts: propagation: inherit owner ..., Miklos Szeredi, (Tue Jan 8, 7:35 am)

Re: [patch 8/9] unprivileged mounts: propagation: inherit ow..., Serge E. Hallyn, (Mon Jan 14, 7:13 pm)

Re: [patch 8/9] unprivileged mounts: propagation: inherit ow..., Miklos Szeredi, (Tue Jan 15, 6:39 am)

Re: [patch 8/9] unprivileged mounts: propagation: inherit ow..., Serge E. Hallyn, (Tue Jan 15, 10:21 am)

Re: [patch 8/9] unprivileged mounts: propagation: inherit ow..., Miklos Szeredi, (Tue Jan 15, 10:37 am)

Re: [patch 8/9] unprivileged mounts: propagation: inherit ow..., Serge E. Hallyn, (Tue Jan 15, 10:59 am)


linux-kernel:
Michal Piotrowski	Re: [BUG] fs/xfs/xfs_bmap_btree.c:2312: error: 'b' undeclared (first use in this f...
debian developer	Re: Dual-Licensing Linux Kernel with GPL V2 and GPL V3
Greg KH	[GIT PATCH] driver core patches against 2.6.24
Paul Jackson	[PATCH 0/5 v2] x86 boot: various E820 & EFI related fixes - what changed in v2
git:

openbsd-misc:

linux-netdev:
Paweł Staszewski	Re: rib_trie / Fix inflate_threshold_root. Now=15 size=11 bits
David Miller	Re: [PATCH] pkt_sched: Destroy gen estimators under rtnl_lock().
Gerrit Renker	[PATCH 27/37] dccp: Integration of dynamic feature activation - part 2 (server side)
Jarek Poplawski	Re: Data corruption issue with splice() on 2.6.27.10

Re: [patch 8/9] unprivileged mounts: propagation: inherit owner from parent

Online users