From: Alessio Balsini <balsini@android.com>
To: Antonio SJ Musumeci <trapexit@spawn.link>
Cc: Miklos Szeredi <miklos@szeredi.hu>,
Alessio Balsini <balsini@android.com>,
Akilesh Kailash <akailash@google.com>,
Amir Goldstein <amir73il@gmail.com>,
David Anderson <dvander@google.com>,
Giuseppe Scrivano <gscrivan@redhat.com>,
Jann Horn <jannh@google.com>, Jens Axboe <axboe@kernel.dk>,
Martijn Coenen <maco@android.com>,
Palmer Dabbelt <palmer@dabbelt.com>,
Paul Lawrence <paullawrence@google.com>,
Stefano Duo <stefanoduo@google.com>,
Zimuzo Ezeozue <zezeozue@google.com>,
fuse-devel <fuse-devel@lists.sourceforge.net>,
kernel-team <kernel-team@android.com>,
linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH V9 2/4] fuse: Trace daemon creds
Date: Thu, 22 Oct 2020 17:14:57 +0100 [thread overview]
Message-ID: <20201022161457.GB36774@google.com> (raw)
In-Reply-To: <a5d94f04-a980-ee3f-bd8d-42df3a859777@spawn.link>
On Wed, Sep 30, 2020 at 03:16:20PM -0400, Antonio SJ Musumeci wrote:
> On 9/30/2020 2:45 PM, Miklos Szeredi wrote:
> > On Thu, Sep 24, 2020 at 3:13 PM Alessio Balsini <balsini@android.com> wrote:
> > > Add a reference to the FUSE daemon credentials, so that they can be used to
> > > temporarily raise the user credentials when accessing lower file system
> > > files in passthrough.
> > Hmm, I think it would be better to store the creds of the ioctl()
> > caller together with the open file. The mounter may deliberately
> > have different privileges from the process doing the actual I/O.
> >
> > Thanks,
> > Miklos
>
>
> In my usecase I'm changing euid/egid of the thread to whichever the uid/gid
> was passed to the server which is otherwise running as root.
>
Ack, in the next patch set I will store the creds of the ioctl() caller.
Thanks,
Alessio
next prev parent reply other threads:[~2020-10-22 16:15 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-09-24 13:13 [PATCH V9 0/4] fuse: Add support for passthrough read/write Alessio Balsini
2020-09-24 13:13 ` [PATCH V9 1/4] fuse: Definitions and ioctl() for passthrough Alessio Balsini
2020-09-29 14:37 ` Alessio Balsini
2020-09-30 15:44 ` Miklos Szeredi
2020-10-22 16:12 ` Alessio Balsini
2020-09-24 13:13 ` [PATCH V9 2/4] fuse: Trace daemon creds Alessio Balsini
2020-09-30 18:45 ` Miklos Szeredi
2020-09-30 19:16 ` Antonio SJ Musumeci
2020-10-22 16:14 ` Alessio Balsini [this message]
2020-09-24 13:13 ` [PATCH V9 3/4] fuse: Introduce synchronous read and write for passthrough Alessio Balsini
2020-09-30 18:50 ` Miklos Szeredi
2020-10-22 16:17 ` Alessio Balsini
2020-09-24 13:13 ` [PATCH V9 4/4] fuse: Handle asynchronous read and write in passthrough Alessio Balsini
2020-09-30 18:54 ` Miklos Szeredi
2020-10-22 16:38 ` Alessio Balsini
2020-09-30 15:33 ` [PATCH V9 0/4] fuse: Add support for passthrough read/write Miklos Szeredi
2020-10-02 13:38 ` Alessio Balsini
2020-10-21 15:39 ` Alessio Balsini
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20201022161457.GB36774@google.com \
--to=balsini@android.com \
--cc=akailash@google.com \
--cc=amir73il@gmail.com \
--cc=axboe@kernel.dk \
--cc=dvander@google.com \
--cc=fuse-devel@lists.sourceforge.net \
--cc=gscrivan@redhat.com \
--cc=jannh@google.com \
--cc=kernel-team@android.com \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=maco@android.com \
--cc=miklos@szeredi.hu \
--cc=palmer@dabbelt.com \
--cc=paullawrence@google.com \
--cc=stefanoduo@google.com \
--cc=trapexit@spawn.link \
--cc=zezeozue@google.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.