linux-kernel.vger.kernel.org archive mirror
From: Shea Levy <shea@shealevy.com>
To: Zach Brown <zab@zabbo.net>
Cc: Al Viro <viro@ZenIV.linux.org.uk>,
	linux-btrfs@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: Setting FS_USERNS_MOUNT in btrfs_fs_type.fs_flags
Date: Wed, 17 Sep 2014 16:31:35 -0400
Message-ID: <20140917203135.GC2068@nixos>
In-Reply-To: <20140917161214.GC20887@lenny.home.zabbo.net>

On Wed, Sep 17, 2014 at 09:12:14AM -0700, Zach Brown wrote:
> On Wed, Sep 17, 2014 at 04:54:48AM +0100, Al Viro wrote:
> > On Tue, Sep 16, 2014 at 11:05:00PM -0400, Shea Levy wrote:
> > > Hi all,
> > > 
> > > What work would be required to mark btrfs_fs_type with FS_USERNS_MOUNT
> > > so that btrfs images can be mounted by unprivileged users within a user
> > > namespace (along with something like [1])? I'd like to be able to create
> > > disk images without having to start a VM (and --rootdir isn't flexible
> > > enough because I want to make subvolumes).
> > 
> > Er...  Which is to say, you have an audit of btrfs code making sure that
> > it can cope with arbitrary image hand-crafted by potential attacker?
> 
> It definitely can't cope. The easiest places to find bugs are the
> hundreds of BUG_ON() sites, many can be triggered by on-disk structures.
> The sheer volume of those makes me trust that you could find much worse
> if you did a thorough audit.
> 
> - z
> (fun related fact: distros automount btrfs images)

OK, so it seems like the answer to my question is "a helluva lot". Guess
I won't count on seeing it any time soon :)

Thanks,
Shea

Thread overview: 4+ messages
2014-09-17  3:05 Setting FS_USERNS_MOUNT in btrfs_fs_type.fs_flags Shea Levy
2014-09-17  3:54 ` Al Viro
2014-09-17 16:12   ` Zach Brown
2014-09-17 20:31     ` Shea Levy [this message]
