From mboxrd@z Thu Jan  1 00:00:00 1970
From: Grzegorz Kulewski <kangur@polcom.net>
Subject: Re: [RFC][PATCH 00/20] Mount writer count and read-only bind mounts
 (v2)
Date: Sat, 17 Jun 2006 01:29:42 +0200 (CEST)
Message-ID: <Pine.LNX.4.63.0606170125110.14464@alpha.polcom.net>
References: <20060616231213.D4C5D6AF@localhost.localdomain>
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
Cc: linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org,
	herbert@13thfloor.at, viro@ftp.linux.org.uk
Return-path: <linux-fsdevel-owner@vger.kernel.org>
Received: from alpha.polcom.net ([83.143.162.52]:42972 "EHLO alpha.polcom.net")
	by vger.kernel.org with ESMTP id S932375AbWFPX3t (ORCPT
	<rfc822;linux-fsdevel@vger.kernel.org>);
	Fri, 16 Jun 2006 19:29:49 -0400
To: Dave Hansen <haveblue@us.ibm.com>
In-Reply-To: <20060616231213.D4C5D6AF@localhost.localdomain>
Sender: linux-fsdevel-owner@vger.kernel.org
List-Id: linux-fsdevel.vger.kernel.org

On Fri, 16 Jun 2006, Dave Hansen wrote:
> The following series implements read-only bind mounts.  This feature
> allows a read-only view into a read-write filesystem.

Thanks, I like this idea very much. I think I have found at least one good
use for it even before it is merged. :-)

But...

> One note: the previous patches all worked this way:
>
> 	mount --bind -o ro /source /dest
>
> These patches have changed that behavior.  It now requires two steps:
>
> 	mount --bind /source /dest
> 	mount -o remount,ro  /dest

Isn't this some kind of security risk (at least in my planned use)? I mean 
- for a small fraction of second somebody seeing /dest can write 
/source... No?


Thanks,

Grzegorz Kulewski