From: Eric Van Hensbergen <ericvh@gmail.com>
To: Miklos Szeredi <miklos@szeredi.hu>
Cc: linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org,
hch@infradead.org, akpm@osdl.org,
viro@parcelfarce.linux.theplanet.co.uk
Subject: Re: [RFC] FUSE permission modell (Was: fuse review bits)
Date: Sun, 17 Apr 2005 14:57:54 -0500 [thread overview]
Message-ID: <a4e6962a0504171257715cffc0@mail.gmail.com> (raw)
In-Reply-To: <E1DNElp-0005JD-00@dorka.pomaz.szeredi.hu>
On 4/17/05, Miklos Szeredi <miklos@szeredi.hu> wrote:
> > >
> > > 1) Only allow mount over a directory for which the user has write
> > > access (and is not sticky)
> > >
> > > 2) Use nosuid,nodev mount options
> > >
> > > [ parts deleted ]
> >
> > Do these solve all the security concerns with unprivileged mounts, or
> > are there other barriers/concerns? Should there be ulimit (or rlimit)
> > style restrictions on how many mounts/binds a user is allowed to have
> > to prevent users from abusing mount privs?
>
> Currently there is a (configurable) global limit for all non-root FUSE
> mounts. An additional per-user limit would be nice, but from the
> security standpoint it doesn't matter.
>
> > I was thinking about this a while back and thought having a user-mount
> > permissions file might be the right way to address lots of these
> > issues. Essentially it would contain information about what
> > users/groups were allowed to mount what sources to what destinations
> > and with what mandatory options.
>
> I haven't yet seen the need for such a great flexibility. Debian
> installs fusermount (the FUSE mount utility) "-rwsr-x--- root fuse",
These are both well and good, but I was looking for a more global
system (for things other than FUSE).
>
> > Is this unnecessary? Is this not enough?
>
> Maybe it is necessary, but why bother until somebody actually wants
> it? I'm a great believer of the "lazy" development philosophy ;)
>
Yeah, I guess I'm motivated in that I want to use normal mount to
handle v9fs user file systems, local private mounts, and local private
resource shares. I'd also like normal users to be able to take better
advantage of -o bind. I think its kinda silly that we have special
purpose mounts for cifs, samba, fuse, v9fs, etc -- but I suppose
that's more of a user-space util-linux dilemma than a kernel dilemma.
-eric
next prev parent reply other threads:[~2005-04-17 19:57 UTC|newest]
Thread overview: 70+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <20050320151212.4f9c8f32.akpm@osdl.org>
[not found] ` <20050321073519.GA13879@outpost.ds9a.nl>
[not found] ` <20050323083347.GA1807@infradead.org>
[not found] ` <E1DE2D1-0005Ie-00@dorka.pomaz.szeredi.hu>
[not found] ` <20050325095838.GA9471@infradead.org>
[not found] ` <E1DEmYC-0008Qg-00@dorka.pomaz.szeredi.hu>
[not found] ` <20050331112427.GA15034@infradead.org>
[not found] ` <E1DH13O-000400-00@dorka.pomaz.szeredi.hu>
[not found] ` <20050331200502.GA24589@infradead.org>
[not found] ` <E1DJsH6-0004nv-00@dorka.pomaz.szeredi.hu>
[not found] ` <20050411114728.GA13128@infradead.org>
2005-04-11 14:43 ` [RFC] FUSE permission modell (Was: fuse review bits) Miklos Szeredi
2005-04-11 15:36 ` Daniel Jacobowitz
2005-04-11 15:56 ` Miklos Szeredi
2005-04-11 18:17 ` Daniel Jacobowitz
2005-04-11 19:10 ` Miklos Szeredi
2005-04-11 19:22 ` Daniel Jacobowitz
2005-04-11 19:56 ` Miklos Szeredi
2005-04-11 21:41 ` Jamie Lokier
2005-04-12 6:10 ` Miklos Szeredi
2005-04-12 14:33 ` Jamie Lokier
2005-04-12 15:13 ` Miklos Szeredi
2005-04-12 16:03 ` Miklos Szeredi
2005-04-12 15:16 ` Frank Sorenson
2005-04-12 15:56 ` Jamie Lokier
2005-04-17 17:45 ` Eric Van Hensbergen
2005-04-17 18:06 ` Jamie Lokier
2005-04-12 20:36 ` Anton Altaparmakov
2005-04-11 22:13 ` Daniel Jacobowitz
2005-04-12 6:27 ` Miklos Szeredi
2005-04-12 14:32 ` Jamie Lokier
2005-04-12 14:59 ` Miklos Szeredi
2005-04-12 16:13 ` Jamie Lokier
2005-04-12 16:37 ` Miklos Szeredi
2005-04-12 16:45 ` Jamie Lokier
2005-04-12 16:52 ` Miklos Szeredi
2005-04-12 17:14 ` Jamie Lokier
2005-04-12 19:10 ` Miklos Szeredi
2005-04-12 16:42 ` Jan Hudec
2005-04-12 8:06 ` Jan Hudec
2005-04-11 18:22 ` Jamie Lokier
2005-04-11 18:27 ` Daniel Jacobowitz
2005-04-11 19:38 ` Miklos Szeredi
2005-04-17 18:01 ` Eric Van Hensbergen
2005-04-17 18:45 ` Miklos Szeredi
2005-04-17 19:57 ` Eric Van Hensbergen [this message]
[not found] <3S8oM-So-11@gated-at.bofh.it>
[not found] ` <3S8oM-So-13@gated-at.bofh.it>
[not found] ` <3S8oN-So-15@gated-at.bofh.it>
[not found] ` <3S8oN-So-17@gated-at.bofh.it>
[not found] ` <3S8oN-So-19@gated-at.bofh.it>
[not found] ` <3S8oN-So-21@gated-at.bofh.it>
[not found] ` <3S8oN-So-23@gated-at.bofh.it>
[not found] ` <3S8oN-So-25@gated-at.bofh.it>
[not found] ` <3S8oN-So-27@gated-at.bofh.it>
[not found] ` <3S8oM-So-7@gated-at.bofh.it>
[not found] ` <3SbPN-3T4-19@gated-at.bofh.it>
2005-04-12 9:17 ` Bodo Eggert <harvested.in.lkml@posting.7eggert.dyndns.org>
2005-04-12 14:45 ` Jamie Lokier
2005-04-12 15:19 ` Miklos Szeredi
2005-04-12 16:04 ` Jamie Lokier
2005-04-12 16:31 ` Miklos Szeredi
2005-04-12 16:44 ` Jamie Lokier
2005-04-12 16:55 ` Miklos Szeredi
2005-04-12 17:13 ` Jamie Lokier
2005-04-12 19:08 ` Miklos Szeredi
2005-04-13 12:56 ` Jan Hudec
2005-04-13 15:08 ` Miklos Szeredi
2005-04-13 16:13 ` Jamie Lokier
2005-04-13 16:47 ` Miklos Szeredi
2005-04-13 16:57 ` Jamie Lokier
2005-04-13 15:58 ` Jamie Lokier
2005-04-12 20:19 ` Anton Altaparmakov
2005-04-12 21:52 ` Jamie Lokier
2005-04-13 9:14 ` Miklos Szeredi
2005-04-13 12:59 ` Jan Hudec
2005-04-13 17:02 ` Jamie Lokier
2005-04-13 17:29 ` Miklos Szeredi
2005-04-13 18:36 ` Jamie Lokier
2005-04-13 19:16 ` Miklos Szeredi
[not found] ` <3S9b7-1yl-1@gated-at.bofh.it>
[not found] ` <3S9uB-1Lj-3@gated-at.bofh.it>
[not found] ` <3SbG5-3Mb-41@gated-at.bofh.it>
[not found] ` <3ScC1-4zl-1@gated-at.bofh.it>
[not found] ` <3ScLO-4GA-9@gated-at.bofh.it>
[not found] ` <3SdeV-54h-21@gated-at.bofh.it>
[not found] ` <3SeXf-6BK-21@gated-at.bofh.it>
[not found] ` <E1DLKOd-0001Nd-MG@be1.7eggert.dyndns.org>
2005-04-12 14:37 ` Jamie Lokier
2005-04-12 19:51 ` Bodo Eggert
[not found] ` <3UmnD-6Fy-7@gated-at.bofh.it>
2005-04-17 23:52 ` Bodo Eggert <harvested.in.lkml@posting.7eggert.dyndns.org>
2005-04-19 11:57 ` Eric Van Hensbergen
2005-04-19 15:01 ` Bodo Eggert
2005-04-19 15:21 ` Miklos Szeredi
2005-04-19 15:26 ` Eric Van Hensbergen
2005-04-19 16:02 ` Bodo Eggert
2005-04-19 19:29 ` Eric Van Hensbergen
2005-04-20 3:59 ` Mike Waychison
2005-04-20 7:09 ` Miklos Szeredi
[not found] <3UrQt-2Js-3@gated-at.bofh.it>
[not found] ` <3SpIW-6UA-17@gated-at.bofh.it>
[not found] ` <3SpIW-6UA-19@gated-at.bofh.it>
[not found] ` <3SpIW-6UA-21@gated-at.bofh.it>
[not found] ` <3UrQt-2Js-5@gated-at.bofh.it>
[not found] ` <3UrQt-2Js-1@gated-at.bofh.it>
[not found] ` <3UZyS-55i-39@gated-at.bofh.it>
[not found] ` <3V2wG-7HR-19@gated-at.bofh.it>
[not found] ` <3V2PX-7Vh-23@gated-at.bofh.it>
[not found] ` <3V6Ae-2Ce-17@gated-at.bofh.it>
[not found] ` <3V6JW-2K9-49@gated-at.bofh.it>
[not found] ` <3VeHl-NF-3@gated-at.bofh.it>
2005-04-20 19:52 ` Bodo Eggert <harvested.in.lkml@posting.7eggert.dyndns.org>
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=a4e6962a0504171257715cffc0@mail.gmail.com \
--to=ericvh@gmail.com \
--cc=akpm@osdl.org \
--cc=hch@infradead.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=miklos@szeredi.hu \
--cc=viro@parcelfarce.linux.theplanet.co.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).