From mboxrd@z Thu Jan 1 00:00:00 1970 From: Richard Weinberger Subject: Re: Intentionally corrupted vfat fs causing BUG Date: Mon, 13 Oct 2014 10:39:03 +0200 Message-ID: <543B8FA7.9000106@nod.at> References: <20141010205706.GJ27150@sli.dy.fi> <87h9z97aoh.fsf@devron.myhome.or.jp> <8761fo7667.fsf@devron.myhome.or.jp> <543B8BC7.1040501@nod.at> <87y4sk5pul.fsf@devron.myhome.or.jp> Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-15 Content-Transfer-Encoding: 7bit Cc: Sami Liedes , linux-fsdevel , Al Viro To: OGAWA Hirofumi Return-path: Received: from a.ns.miles-group.at ([95.130.255.143]:65275 "EHLO radon.swed.at" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752052AbaJMIjH (ORCPT ); Mon, 13 Oct 2014 04:39:07 -0400 In-Reply-To: <87y4sk5pul.fsf@devron.myhome.or.jp> Sender: linux-fsdevel-owner@vger.kernel.org List-ID: Am 13.10.2014 um 10:35 schrieb OGAWA Hirofumi: > Richard Weinberger writes: > >>> I'm still not sure whether this is right direction or not though, >>> because mount operation is root only and untrusted image should run fsck >>> before. But, also, Oops is clearly unexpected. Hmmm... >> >> This limitation is not true anymore. Plug in a USB stick into a recent >> Linux desktop, it will automatically mount it... Also think of user >> namespaces and FUSE. > > Not really (well, true, some sort though). It is still controlled by root > or capability, right? I.e. still controlled by admin of system. Fact is, I can plugin a USB stick to my buddies Laptop and make it trigger a BUG_ON. :) > I read user namespaces last time, it doesn't allow to mount the block > device by namespace's root. > > FUSE is allowed to mount by true user (I.e. admin can't disallow it)? I > still didn't check it fully. The question is how long these limits will stay... User namespaces uncovered already a pile of issues wrt. to mounting. Thanks, //richard