From: viro@parcelfarce.linux.theplanet.co.uk
To: Trond Myklebust <trond.myklebust@fys.uio.no>
Cc: Nikita Danilov <Nikita@Namesys.COM>,
linux kernel mailing list <linux-kernel@vger.kernel.org>
Subject: Re: [PATCH-RFC] code for raceless /sys/fs/foofs/*
Date: Wed, 5 May 2004 18:16:50 +0100 [thread overview]
Message-ID: <20040505171650.GP17014@parcelfarce.linux.theplanet.co.uk> (raw)
In-Reply-To: <1083776930.3622.45.camel@lade.trondhjem.org>
On Wed, May 05, 2004 at 01:08:50PM -0400, Trond Myklebust wrote:
> On Wed, 2004-05-05 at 12:36, viro@parcelfarce.linux.theplanet.co.uk
> wrote:
>
> > We also allow anyone with sysfs mounted to see which filesystems are currently
> > mounted on the box - again, regardless of being able to see them in the
> > chroot jail/restricted namespace/etc. It can easily become an issue in
> > setups where such information is sensitive.
>
> ...but are you *really* likely to be mounting sysfs in a chrooted jail
> or restricted namespace?
>
> ...and if you do, aren't you more likely to simply 'mount --bind' those
> minimal parts of sysfs that you actually need for the given process that
> is gaoled?
With the way things are going on, I suspect that it will be hard to maintain.
For one thing, more and more is put there. For another, we certainly _do_
need a way to export per-superblock data and "all or nothing" approach will
be more and more painful as new applications of that show up.
Don't get me wrong - I absolutely agree that there is a need of safe way to
export per-fs data in some way; it is true for NFS, it is about the only
sane way to do online defragmentation, etc.
This is going to be used much wider than reiser4 and as soon as mechanism
goes in we'll see a bunch of applications. The only real question is what
sort of API would be the right one, and that's why I don't like the solutions
along the lines of "you'll never want to use that in restricted setups".
next prev parent reply other threads:[~2004-05-05 17:16 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2004-05-05 13:53 [PATCH-RFC] code for raceless /sys/fs/foofs/* Nikita Danilov
2004-05-05 16:28 ` viro
2004-05-05 16:36 ` viro
2004-05-05 17:08 ` Trond Myklebust
2004-05-05 17:16 ` viro [this message]
2004-05-06 15:48 ` Paul P Komkoff Jr
2004-05-06 16:35 ` Nikita Danilov
2004-05-06 17:16 ` Valdis.Kletnieks
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20040505171650.GP17014@parcelfarce.linux.theplanet.co.uk \
--to=viro@parcelfarce.linux.theplanet.co.uk \
--cc=Nikita@Namesys.COM \
--cc=linux-kernel@vger.kernel.org \
--cc=trond.myklebust@fys.uio.no \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox