From: Al Viro <viro@zeniv.linux.org.uk>
To: Christian Brauner <brauner@kernel.org>
Cc: Dave Chinner <david@fromorbit.com>,
Demi Marie Obenour <demi@invisiblethingslab.com>,
cve@kernel.org, gnoack@google.com, gregkh@linuxfoundation.org,
kent.overstreet@linux.dev, linux-bcachefs@vger.kernel.org,
linux-fsdevel@vger.kernel.org,
linux-security-module@vger.kernel.org, mic@digikod.net,
Demi Marie Obenour <demiobenour@gmail.com>
Subject: Re: Unprivileged filesystem mounts
Date: Tue, 11 Mar 2025 17:36:00 +0000 [thread overview]
Message-ID: <20250311173600.GR2023217@ZenIV> (raw)
In-Reply-To: <20250311-desillusionieren-goldfisch-0c2ce3194e68@brauner>
On Tue, Mar 11, 2025 at 12:01:48PM +0100, Christian Brauner wrote:
> The case where arbitrary devices stuck into a laptop (e.g., USB sticks)
> are mounted isn't solved by making a filesystem mountable unprivileged.
> The mounted device cannot show up in the global mount namespace
> somewhere since the user doesn't own the initial mount+user namespace.
> So it's pointless. In other words, there's filesystem level checks and
> mount namespace based checks. Circumventing that restriction means that
> any user can just mount the device at any location in the global mount
> namespace and therefore simply overmount other stuff.
Note that "untrusted contents" is not the worst thing you can run into -
it can be content changing behind your back. I seriously doubt that
anyone fuzzes for that kind of crap (and no, it's not an invitation to
start). I seriously doubt that there's any local filesystem that would
be resilent to that...
next prev parent reply other threads:[~2025-03-11 17:36 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-03-06 16:08 CVE-2025-21830: landlock: Handle weird files Greg Kroah-Hartman
2025-03-10 12:00 ` Mickaël Salaün
2025-03-10 13:49 ` Kent Overstreet
2025-03-10 14:36 ` Greg Kroah-Hartman
2025-03-10 23:42 ` Dave Chinner
2025-03-11 2:09 ` Kent Overstreet
2025-03-11 4:24 ` Dave Chinner
2025-03-11 10:50 ` Kent Overstreet
2025-03-11 2:19 ` Unprivileged filesystem mounts Demi Marie Obenour
2025-03-11 5:57 ` Dave Chinner
2025-03-11 11:01 ` Christian Brauner
2025-03-11 17:36 ` Al Viro [this message]
2025-03-11 17:43 ` Kent Overstreet
2025-03-11 17:54 ` Eric Biggers
2025-03-11 20:10 ` Demi Marie Obenour
2025-03-18 5:21 ` Dave Chinner
2025-03-19 14:55 ` Demi Marie Obenour
2025-03-19 16:59 ` Theodore Ts'o
2025-03-19 17:32 ` Demi Marie Obenour
2025-03-19 20:11 ` Theodore Ts'o
2025-03-18 22:11 ` Theodore Ts'o
2025-03-19 17:44 ` Demi Marie Obenour
2025-03-19 21:25 ` Theodore Ts'o
2025-03-20 6:26 ` Demi Marie Obenour
2025-03-20 16:00 ` Theodore Ts'o
2025-03-11 6:53 ` CVE-2025-21830: landlock: Handle weird files Greg Kroah-Hartman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250311173600.GR2023217@ZenIV \
--to=viro@zeniv.linux.org.uk \
--cc=brauner@kernel.org \
--cc=cve@kernel.org \
--cc=david@fromorbit.com \
--cc=demi@invisiblethingslab.com \
--cc=demiobenour@gmail.com \
--cc=gnoack@google.com \
--cc=gregkh@linuxfoundation.org \
--cc=kent.overstreet@linux.dev \
--cc=linux-bcachefs@vger.kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=mic@digikod.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.