From: Ram Pai <linuxram@us.ibm.com>
To: Miklos Szeredi <miklos@szeredi.hu>
Cc: Al Viro <viro@ftp.linux.org.uk>,
torvalds@osdl.org, linux-kernel@vger.kernel.org,
linux-fsdevel@vger.kernel.org
Subject: Re: [PATCH 2/18] cleanups and bug fix in do_loopback()
Date: Wed, 09 Nov 2005 11:08:19 -0800
Message-ID: <1131563299.5400.392.camel@localhost>
In-Reply-To: <E1EZPm4-0007R7-00@dorka.pomaz.szeredi.hu>
On Tue, 2005-11-08 at 01:28, Miklos Szeredi wrote:
> > > I see no other reason for wanting to prevent binds from detached
> > > mounts or other namespaces. It has been discussed that it would be a
> > > good _controlled_ way to send/receive mounts from other namespace
> > > without adding any complexity.
> >
> > AFAICT, the ability to bind across namespaces defeats the private-ness
> > property of per-process-namespaces.
>
> No. The privateness is guaranteed by proc_check_root(), which is
> similar, but not the same as check_mnt(), and which restricts _access_
> to other namespaces.
> check_mnt() restricts operations on other namespaces if you _already_
> have access to said namespace. For example via a file descriptor sent
> between two processes in different namespaces.
Yes, there is a contradiction of sorts here. Private-ness
means that the namespace must _not_ be accessible to processes
in other namespaces. But a 'file descriptor sent between two processes in
different namespaces' seems to break that guarantee.
>
> Also with ptrace() you can still access other process's namespace, so
> proc_check_root() is also too strict (or ptrace() too lax).
Same here.
RP
>
> Miklos
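The mechanism Miklos refers to above (a file descriptor passed between two processes in different mount namespaces gives the receiver a handle into a mount it cannot reach by path) can be shown end to end. The following is an added example written for this page, not code from the thread or from the kernel: a child unshares a mount namespace, mounts a tmpfs over a scratch directory, creates a file in it and passes a directory fd back over a unix socket with SCM_RIGHTS; the parent can then fstatat() the file through the fd but not stat() it by path. The thread predates user namespaces, so the example uses CLONE_NEWUSER only to obtain an unprivileged mount namespace on a current kernel; all names (ns_demo_run, child_main, the /tmp/nsdemo.XXXXXX template) are this example's own. If unshare or mount is refused (no privilege, seccomp), the child falls back to the shared directory and the result records that no separation happened.

```c
#define _GNU_SOURCE
#include <fcntl.h>
#include <sched.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/mount.h>
#include <sys/socket.h>
#include <sys/stat.h>
#include <sys/uio.h>
#include <sys/wait.h>

struct ns_demo {
    int ns_separated; /* child got a private mount namespace with its own tmpfs */
    int path_access;  /* parent could stat() dir/secret by path */
    int fd_access;    /* parent could fstatat() "secret" via the received dirfd */
};

/* cmsg buffer, aligned for struct cmsghdr, large enough for one int */
union fd_cmsg { struct cmsghdr hdr; char buf[CMSG_SPACE(sizeof(int))]; };

static void init_msg(struct msghdr *m, struct iovec *iov, char *tag, union fd_cmsg *u)
{
    memset(m, 0, sizeof *m); memset(u, 0, sizeof *u);
    iov->iov_base = tag; iov->iov_len = 1;
    m->msg_iov = iov; m->msg_iovlen = 1;
    m->msg_control = u->buf; m->msg_controllen = sizeof u->buf;
}

/* Pass one fd with SCM_RIGHTS; the single data byte carries a tag. */
static int send_fd(int sock, int fd, char tag)
{
    struct iovec iov; union fd_cmsg u; struct msghdr m;
    init_msg(&m, &iov, &tag, &u);
    struct cmsghdr *cm = CMSG_FIRSTHDR(&m);
    cm->cmsg_level = SOL_SOCKET; cm->cmsg_type = SCM_RIGHTS;
    cm->cmsg_len = CMSG_LEN(sizeof(int));
    memcpy(CMSG_DATA(cm), &fd, sizeof(int));
    return sendmsg(sock, &m, 0) == 1 ? 0 : -1;
}

static int recv_fd(int sock, char *tag)
{
    struct iovec iov; union fd_cmsg u; struct msghdr m; int fd;
    init_msg(&m, &iov, tag, &u);
    if (recvmsg(sock, &m, 0) != 1) return -1;
    struct cmsghdr *cm = CMSG_FIRSTHDR(&m);
    if (!cm || cm->cmsg_level != SOL_SOCKET || cm->cmsg_type != SCM_RIGHTS) return -1;
    memcpy(&fd, CMSG_DATA(cm), sizeof(int));
    return fd;
}

static int write_proc(const char *path, const char *s)
{
    int fd = open(path, O_WRONLY);
    if (fd < 0) return -1;
    ssize_t n = write(fd, s, strlen(s));
    close(fd);
    return n == (ssize_t)strlen(s) ? 0 : -1;
}

/* Child: try to get a private mount namespace (user ns + mount ns, with a
 * single-entry uid/gid map so file creation works), put a tmpfs over dir,
 * create dir/secret, then hand a dirfd for dir back to the parent. */
static void child_main(int sock, const char *dir, uid_t uid, gid_t gid)
{
    char map[64]; int separated = 0;
    if (unshare(CLONE_NEWUSER | CLONE_NEWNS) == 0) {
        snprintf(map, sizeof map, "0 %u 1", (unsigned)uid);
        if (write_proc("/proc/self/uid_map", map) == 0 &&
            write_proc("/proc/self/setgroups", "deny") == 0) {
            snprintf(map, sizeof map, "0 %u 1", (unsigned)gid);
            if (write_proc("/proc/self/gid_map", map) == 0 &&
                mount("tmpfs", dir, "tmpfs", 0, NULL) == 0)
                separated = 1; /* tmpfs is visible only in the child's namespace */
        }
    }
    int dirfd = open(dir, O_RDONLY | O_DIRECTORY);
    if (dirfd < 0) _exit(1);
    int f = openat(dirfd, "secret", O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (f < 0) _exit(1);
    close(f);
    _exit(send_fd(sock, dirfd, separated ? '1' : '0') == 0 ? 0 : 1);
}

/* Parent: run the demo once; returns 0 and fills *out on success. */
int ns_demo_run(struct ns_demo *out)
{
    char dir[] = "/tmp/nsdemo.XXXXXX", path[64], tag = '0';
    int sv[2], status; struct stat st;
    memset(out, 0, sizeof *out);
    if (!mkdtemp(dir)) return -1;
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) != 0) { rmdir(dir); return -1; }
    pid_t pid = fork();
    if (pid < 0) { rmdir(dir); return -1; }
    if (pid == 0) { close(sv[0]); child_main(sv[1], dir, getuid(), getgid()); }
    close(sv[1]);
    int dirfd = recv_fd(sv[0], &tag); /* the open fd pins the child's mount */
    close(sv[0]);
    waitpid(pid, &status, 0);
    if (dirfd < 0) { rmdir(dir); return -1; }
    out->ns_separated = (tag == '1');
    snprintf(path, sizeof path, "%s/secret", dir);
    out->path_access = (stat(path, &st) == 0);          /* by path: our namespace */
    out->fd_access = (fstatat(dirfd, "secret", &st, 0) == 0); /* via fd: child's mount */
    unlinkat(dirfd, "secret", 0); close(dirfd); rmdir(dir);
    return 0;
}

/* 1 if the fd grants access and, when namespaces were separated, the path does not. */
int ns_demo_consistent(void)
{
    struct ns_demo d;
    if (ns_demo_run(&d) != 0) return 0;
    return d.fd_access && (!d.ns_separated || !d.path_access);
}

int main(void)
{
    struct ns_demo d;
    if (ns_demo_run(&d) != 0) { perror("ns_demo_run"); return 1; }
    printf("separated=%d path_access=%d fd_access=%d\n",
           d.ns_separated, d.path_access, d.fd_access);
    return 0;
}
```

With separation the output is separated=1 path_access=0 fd_access=1: the parent's own namespace never sees the tmpfs, yet the received fd reaches into it, and keeps that mount alive even after the child and its namespace are gone, which is the "detached mount" case the thread is about. Whether the kernel should then let the holder bind that fd somewhere (what check_mnt() decides) is exactly the policy question under discussion; this example only shows that the access itself already crosses the namespace boundary.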
2005-11-08 2:01 [PATCH 2/18] cleanups and bug fix in do_loopback() Al Viro
2005-11-08 6:59 ` Miklos Szeredi
2005-11-08 8:46 ` Ram Pai
2005-11-08 9:28 ` Miklos Szeredi
2005-11-09 19:08 ` Ram Pai
2005-11-09 21:15 ` Miklos Szeredi
2005-11-10 0:51 ` Ram Pai