public inbox for linux-xfs@vger.kernel.org
 help / color / mirror / Atom feed
From: Gao feng <gaofeng@cn.fujitsu.com>
To: Dave Chinner <david@fromorbit.com>
Cc: bfoster@redhat.com, dwight.engen@oracle.com,
	ebiederm@xmission.com, xfs@oss.sgi.com
Subject: Re: [PATCH 0/4] xfs: Allow user to change project id in un-init userns
Date: Tue, 10 Sep 2013 09:20:20 +0800	[thread overview]
Message-ID: <522E73D4.1080805@cn.fujitsu.com> (raw)
In-Reply-To: <20130910004210.GX12779@dastard>

On 09/10/2013 08:42 AM, Dave Chinner wrote:
> On Fri, Sep 06, 2013 at 11:30:33AM +1000, Dave Chinner wrote:
>> On Wed, Sep 04, 2013 at 02:38:33PM +0800, Gao feng wrote:
>>> This patchset add two helper functions to convert user space project id
>>> to kernel space project id without any struct changed.
>>>
>>> Since the projid_map of user namespace has limit the range of valid project
>>> ids for user namespace, we can safely allow user to change file's project
>>> id in un-init user namespace.
>>
>> This doesn't address any of the concerns about whether access to
>> project IDs are valid in a user namaspacee environment.
>>
>> Project IDs are not the same as UIDs and GIDs. They got included in
>> all the mapping stuff because of the fact that they are used for
>> quotas, but the fact is that they are not a property owned by a user
>> or a group or control access.
>>
>> IOWs, project IDs are an *accounting* construct rather than an
>> *access control mechanism* If project IDs are being used by the
>> system administrators for accounting the space used by a *mount
>> namespace* container, then they must not be modifiable by a user
>> in a user namespace.
>>
>> This is a fundamentally different use case from UID/GID mapping,
>> because there is no possible competing access for on-disk uid/gid
>> fields possible from the initns like there is for project quotas.
>> IOWs, project quota IDs are not owned by a namespace, and so mapping
>> them like we do for UID/GID is not clearly the right solution for
>> everyone.
>>
>> So, there's a bigger policy issue here that needs to be decided
>> first. i.e. whether project quotas and therefore project IDs should
>> be accessible to users inside a user namespace.
>>
>> If we decide to make it optional so that a system administrator can
>> chose whether project IDs are to be mapped via the userns mapping
>> infrastructure, then we need some kind of infrastructure to support
>> and enforce that first.
> 
> BTW, if we are making project IDs mapped to userns, stuff like
> XFS_PROJID_DEFAULT and project ID inheritence need work as well...
> 


Yes, let's make it simple, if we find some cases that we have to make
project IDs mapped to userns, let's restart this work :)

Thanks

_______________________________________________
xfs mailing list
xfs@oss.sgi.com
http://oss.sgi.com/mailman/listinfo/xfs

      reply	other threads:[~2013-09-10  1:18 UTC|newest]

Thread overview: 8+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2013-09-04  6:38 [PATCH 0/4] xfs: Allow user to change project id in un-init userns Gao feng
2013-09-04  6:38 ` [PATCH 1/4] xfs: add helper function to convert project id between user and kernel space Gao feng
2013-09-04  6:38 ` [PATCH 2/4] userns: ioctl: " Gao feng
2013-09-04  6:38 ` [PATCH 3/4] xfs: allow un-init user namespace to change file's project id Gao feng
2013-09-04  6:38 ` [PATCH 4/4] userns: eofblocks: convert project id from user to kernel space Gao feng
2013-09-06  1:30 ` [PATCH 0/4] xfs: Allow user to change project id in un-init userns Dave Chinner
2013-09-10  0:42   ` Dave Chinner
2013-09-10  1:20     ` Gao feng [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=522E73D4.1080805@cn.fujitsu.com \
    --to=gaofeng@cn.fujitsu.com \
    --cc=bfoster@redhat.com \
    --cc=david@fromorbit.com \
    --cc=dwight.engen@oracle.com \
    --cc=ebiederm@xmission.com \
    --cc=xfs@oss.sgi.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox