[uml-devel] hostfs / current->fsuid

[uml-devel] hostfs / current->fsuid

[Trent Lloyd]

Hi Guys,

I was looking into trying to modify hostfs so if UML ran as root it
would keep the same permissions

And to start, I am aware of humfs, i guess my next question could be,
would humfs work with two UMLs accessing the filesystem, if yes, the
rest of this is redundant.

I was looking at making hostfs set the right owner at create time,
however current->fsuid seems just to be root, and not the person who
called the process (this is in hostfs_kern.c)

Sorry if I'm off the mark here and this is wrong, could someone tell me
if either I've buggered up somewhere and it should be right, or if I'm
using the wrong thing completely and how I could get the uid of the user
who requested the file operation.

Cheers,
Trent
Bur.st

-- 
Trent Lloyd <lathiat@bur.st>
Bur.st Networking Inc.


-------------------------------------------------------
This SF.Net email is sponsored by The 2004 JavaOne(SM) Conference
Learn from the experts at JavaOne(SM), Sun's Worldwide Java Developer
Conference, June 28 - July 1 at the Moscone Center in San Francisco, CA
REGISTER AND SAVE! http://java.sun.com/javaone/sf Priority Code NWMGYKND
_______________________________________________
User-mode-linux-devel mailing list
User-mode-linux-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/user-mode-linux-devel

Re: [uml-devel] hostfs / current->fsuid

[Cameron Patrick]

[-- Attachment #1: Type: text/plain, Size: 442 bytes --]

Hi Trent,

Since no-one else has answered yet, I'll have a shot...

On Mon, Jun 21, 2004 at 11:44:35AM +0800, Trent Lloyd wrote:

| I was looking into trying to modify hostfs so if UML ran as root it
| would keep the same permissions

I've no idea about modifying hostfs, but have you looked into using
NFS instead?  Sure, it's a security nightmare, but it can't be worse
than running UML as root!  Performance might suck though.

Cameron.



[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 189 bytes --]

Re: [uml-devel] hostfs / current->fsuid

[BlaisorBlade]

Alle 15:50, martedì 22 giugno 2004, Cameron Patrick ha scritto:
> Hi Trent,
>
> Since no-one else has answered yet, I'll have a shot...
>
> On Mon, Jun 21, 2004 at 11:44:35AM +0800, Trent Lloyd wrote:
> | I was looking into trying to modify hostfs so if UML ran as root it
> | would keep the same permissions
>
> I've no idea about modifying hostfs, but have you looked into using
> NFS instead?  Sure, it's a security nightmare, but it can't be worse
> than running UML as root!  Performance might suck though.

No, on the uml-user list there are some reports NFS is faster than hostfs (not 
actual benchmarks, just feelings): I think that this can be true due to the 
super-optimization of NFS gone in for years; also it's difficult to optimize 
something when you cannot use inline functions for some things (i.e. the 
distinction between userspace and kernelspace files).

Bye
-- 
Paolo Giarrusso, aka Blaisorblade
Linux registered user n. 292729



-------------------------------------------------------
This SF.Net email sponsored by Black Hat Briefings & Training.
Attend Black Hat Briefings & Training, Las Vegas July 24-29 - 
digital self defense, top technical experts, no vendor pitches, 
unmatched networking opportunities. Visit www.blackhat.com
_______________________________________________
User-mode-linux-devel mailing list
User-mode-linux-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/user-mode-linux-devel

Re: [uml-devel] hostfs / current->fsuid

[Trent Lloyd]

Yes, however NFS has a remarkable ability to fuck up locking more often
than not (at least on linux)

> Alle 15:50, marted? 22 giugno 2004, Cameron Patrick ha scritto:
> > Hi Trent,
> >
> > Since no-one else has answered yet, I'll have a shot...
> >
> > On Mon, Jun 21, 2004 at 11:44:35AM +0800, Trent Lloyd wrote:
> > | I was looking into trying to modify hostfs so if UML ran as root it
> > | would keep the same permissions
> >
> > I've no idea about modifying hostfs, but have you looked into using
> > NFS instead?  Sure, it's a security nightmare, but it can't be worse
> > than running UML as root!  Performance might suck though.
> 
> No, on the uml-user list there are some reports NFS is faster than hostfs (not 
> actual benchmarks, just feelings): I think that this can be true due to the 
> super-optimization of NFS gone in for years; also it's difficult to optimize 
> something when you cannot use inline functions for some things (i.e. the 
> distinction between userspace and kernelspace files).
> 
> Bye
> -- 
> Paolo Giarrusso, aka Blaisorblade
> Linux registered user n. 292729

-- 
Trent Lloyd <lathiat@bur.st>
Bur.st Networking Inc.


-------------------------------------------------------
This SF.Net email sponsored by Black Hat Briefings & Training.
Attend Black Hat Briefings & Training, Las Vegas July 24-29 - 
digital self defense, top technical experts, no vendor pitches, 
unmatched networking opportunities. Visit www.blackhat.com
_______________________________________________
User-mode-linux-devel mailing list
User-mode-linux-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/user-mode-linux-devel

[uml-devel] Re: hostfs / current->fsuid

[Sven Köhler]

> Yes, however NFS has a remarkable ability to fuck up locking more often
> than not (at least on linux)

beside that, i think that the network-protocol could have been designed 
much simpler and more firewall-friendly.

BTW: i am one of those, that think that NFS is faster than hostfs.
I cannot explain why, but i would guess, that - at least for parallel 
file-access - the networking-code required less context-switches, since 
the network-packets are perhaps queued before giving them to the 
host-system.

That's just a guess, so you may prove me wrong ;-)



-------------------------------------------------------
This SF.Net email sponsored by Black Hat Briefings & Training.
Attend Black Hat Briefings & Training, Las Vegas July 24-29 - 
digital self defense, top technical experts, no vendor pitches, 
unmatched networking opportunities. Visit www.blackhat.com
_______________________________________________
User-mode-linux-devel mailing list
User-mode-linux-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/user-mode-linux-devel

Re: [uml-devel] Re: hostfs / current->fsuid

[Trent Lloyd]

Speed is not so much an issue.

Does anyone have any pointers on getting current->fsuid or equivalent to
get the uid of the calling user?

> >Yes, however NFS has a remarkable ability to fuck up locking more often
> >than not (at least on linux)
> 
> beside that, i think that the network-protocol could have been designed 
> much simpler and more firewall-friendly.
> 
> BTW: i am one of those, that think that NFS is faster than hostfs.
> I cannot explain why, but i would guess, that - at least for parallel 
> file-access - the networking-code required less context-switches, since 
> the network-packets are perhaps queued before giving them to the 
> host-system.
> 
> That's just a guess, so you may prove me wrong ;-)
> 
> 
> 
> -------------------------------------------------------
> This SF.Net email sponsored by Black Hat Briefings & Training.
> Attend Black Hat Briefings & Training, Las Vegas July 24-29 - 
> digital self defense, top technical experts, no vendor pitches, 
> unmatched networking opportunities. Visit www.blackhat.com
> _______________________________________________
> User-mode-linux-devel mailing list
> User-mode-linux-devel@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/user-mode-linux-devel

-- 
Trent Lloyd <lathiat@bur.st>
Bur.st Networking Inc.


-------------------------------------------------------
This SF.Net email sponsored by Black Hat Briefings & Training.
Attend Black Hat Briefings & Training, Las Vegas July 24-29 - 
digital self defense, top technical experts, no vendor pitches, 
unmatched networking opportunities. Visit www.blackhat.com
_______________________________________________
User-mode-linux-devel mailing list
User-mode-linux-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/user-mode-linux-devel