From mboxrd@z Thu Jan  1 00:00:00 1970
From: Miklos Szeredi <miklos@szeredi.hu>
Subject: Re: [PATCH] private mounts
Date: Sun, 24 Apr 2005 22:45:35 +0200
Message-ID: <E1DPnyx-0000Uf-00@localhost>
References: <E1DPnOn-0000T0-00@localhost> <20050424201356.GJ13052@parcelfarce.linux.theplanet.co.uk>
Cc: linux-fsdevel@vger.kernel.org, hch@infradead.org,
	linux-kernel@vger.kernel.org, akpm@osdl.org
Return-path: <linux-fsdevel-owner@vger.kernel.org>
Received: from rev.193.226.232.93.euroweb.hu ([193.226.232.93]:33689 "EHLO
	dorka.pomaz.szeredi.hu") by vger.kernel.org with ESMTP
	id S262410AbVDXUpy (ORCPT <rfc822;linux-fsdevel@vger.kernel.org>);
	Sun, 24 Apr 2005 16:45:54 -0400
To: viro@parcelfarce.linux.theplanet.co.uk
In-reply-to: <20050424201356.GJ13052@parcelfarce.linux.theplanet.co.uk>
	(message from Al Viro on Sun, 24 Apr 2005 21:13:56 +0100)
Sender: linux-fsdevel-owner@vger.kernel.org
List-Id: linux-fsdevel.vger.kernel.org

> > Comments are appreciated.  If there are no vetoes agains the patch, I
> > think it's suitable for -mm.
> 
> Vetoed.  Having suid application with different pathname resolution than
> that of parent just because it is suid is not acceptable.  I'm sorry,
> but breaking hell knows how many existing applications is not an option.

I'm pretty sure any suid program doing path resolution and other
filesystem operations on _behalf_ of the original user will do them
with fsuid, fsgid set to the original.  Otherwise they are bound to
break in other cases too (NFS export with root_sqash, etc).

Have any counterexamples?

Thanks,
Miklos