From mboxrd@z Thu Jan  1 00:00:00 1970
From: Eric Van Hensbergen <ericvh@gmail.com>
Subject: Re: [PATCH] private mounts
Date: Tue, 26 Apr 2005 10:01:45 -0500
Message-ID: <a4e6962a05042608013534505a@mail.gmail.com>
References: <1114445923.4480.94.camel@localhost>
	 <E1DQMGZ-00009n-00@dorka.pomaz.szeredi.hu>
	 <20050426093628.GA30208@infradead.org>
	 <E1DQMYu-0000DL-00@dorka.pomaz.szeredi.hu>
	 <20050426030010.63757c8c.akpm@osdl.org>
	 <20050426100412.GA30762@infradead.org>
	 <20050426031414.260568b5.akpm@osdl.org>
	 <20050426103859.GA31468@infradead.org>
	 <a4e6962a05042606053c1e6ba8@mail.gmail.com>
	 <E1DQQpD-0000dL-00@dorka.pomaz.szeredi.hu>
Reply-To: Eric Van Hensbergen <ericvh@gmail.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7BIT
Cc: hch@infradead.org, akpm@osdl.org, jamie@shareable.org,
	linuxram@us.ibm.com, 7eggert@gmx.de, bulb@ucw.cz,
	viro@parcelfarce.linux.theplanet.co.uk,
	linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org
Return-path: <linux-fsdevel-owner@vger.kernel.org>
Received: from wproxy.gmail.com ([64.233.184.207]:30469 "EHLO wproxy.gmail.com")
	by vger.kernel.org with ESMTP id S261553AbVDZPBp convert rfc822-to-8bit
	(ORCPT <rfc822;linux-fsdevel@vger.kernel.org>);
	Tue, 26 Apr 2005 11:01:45 -0400
Received: by wproxy.gmail.com with SMTP id 68so1941020wri
        for <linux-fsdevel@vger.kernel.org>; Tue, 26 Apr 2005 08:01:45 -0700 (PDT)
To: Miklos Szeredi <miklos@szeredi.hu>
In-Reply-To: <E1DQQpD-0000dL-00@dorka.pomaz.szeredi.hu>
Content-Disposition: inline
Sender: linux-fsdevel-owner@vger.kernel.org
List-Id: linux-fsdevel.vger.kernel.org

On 4/26/05, Miklos Szeredi <miklos@szeredi.hu> wrote:
> > that complicates things a great deal, however -- if you split the
> > concept of "srv points" from file system mounts and remount the file
> > system (perhaps automatically as part of initiating the session) for
> > every new login -- then you can revalidate security at each of these
> > mounts.
> 
> Why would you have to revalidate?  A simple bind mount would suffice.
> However, joining another sessions namespace makes more sense, than
> copying the mounts individually.
> 

Well, the forced revalidation was an attempt to protect "user-data"
from root, which, as you pointed out in your reply, is a somewhat
sketchy thing.  It may also be useful if you wish to share a
filesystem/namespace with a subset of users with a permissions model
outside of the normal user/groups model (which the user doesn't really
have any control over).

Anyways, just an additional idea for consideration -- as I said, I
don't really feel a strong need for this, so perhaps its best
forgotten for now.

          -eric