From: Tejun Heo <tj@kernel.org>
To: Miklos Szeredi <miklos@szeredi.hu>
Cc: fuse-devel@lists.sourceforge.net, greg@kroah.com,
linux-kernel@vger.kernel.org
Subject: Re: [PATCHSET] FUSE: extend FUSE to support more operations
Date: Thu, 13 Nov 2008 15:06:27 +0900 [thread overview]
Message-ID: <491BC3E3.7040903@kernel.org> (raw)
In-Reply-To: <491A96AE.3080600@kernel.org>
Tejun Heo wrote:
>> I still got qualms about this ioctl thing. One is the security
>> aspect, but that could be dealt with. The other is that I really
>> really don't want people to start implementing new custom ioctls for
>> their filesystems, as I think that way lies madness. We could limit
>> ioctls to CUSE and that would be fine with me. Or for non-CUSE users
>> we could enforce the "standard" format where the type and length is
>> encoded in the command number.
>
> For now, I'll limit ioctl to CUSE. Hmmm... Yeah, limiting ioctl to
> well-formatted ones sounds like a good idea.
>
>> I don't have any problems with the iterative way you implemented
>> ioctls. We just need some additional restrictions to the current
>> implementation, I think.
I've been thinking about this a bit more. What do you think about
putting the following restrictions?
1. FUSE server can only support well-formed ioctls. At the kernel side,
the interfaces remains the same for both FUSE and CUSE but libfuse only
exports well-formed ioctl API.
2. ioctl can only be used by FUSE server running as root (would this be
necessary? I'm not sure. To me it seems all the necessary protections
are already there).
Thanks.
--
tejun
next prev parent reply other threads:[~2008-11-13 6:06 UTC|newest]
Thread overview: 82+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-08-28 17:40 [PATCHSET] FUSE: extend FUSE to support more operations Tejun Heo
2008-08-28 17:40 ` [PATCH 1/7] FUSE: add include protectors Tejun Heo
2008-08-28 17:40 ` [PATCH 2/7] FUSE: pass nonblock flag to client Tejun Heo
2008-08-28 17:40 ` [PATCH 3/7] FUSE: implement nonseekable open Tejun Heo
2008-08-28 17:41 ` [PATCH 4/7] FUSE: implement direct lseek support Tejun Heo
2008-08-28 17:41 ` [PATCH 5/7] FUSE: implement ioctl support Tejun Heo
2008-08-28 17:51 ` Greg KH
2008-08-28 17:59 ` Tejun Heo
2008-08-28 18:01 ` Tejun Heo
2008-08-28 18:13 ` Miklos Szeredi
2008-08-28 18:17 ` Tejun Heo
2008-08-28 18:23 ` Miklos Szeredi
2008-08-28 18:34 ` Tejun Heo
2008-08-28 19:25 ` Miklos Szeredi
2008-08-28 19:42 ` Tejun Heo
2008-08-28 20:02 ` Miklos Szeredi
2008-08-29 2:19 ` Tejun Heo
2008-08-29 7:59 ` Miklos Szeredi
2008-08-29 8:12 ` Tejun Heo
2008-08-29 8:29 ` Miklos Szeredi
2008-08-29 9:03 ` Tejun Heo
2008-08-29 19:17 ` Eric W. Biederman
2008-08-29 19:47 ` Arnd Bergmann
2008-08-30 11:40 ` Tejun Heo
2008-09-01 11:57 ` Miklos Szeredi
2008-09-01 12:03 ` Tejun Heo
2008-09-03 14:32 ` Eric W. Biederman
2008-09-03 14:40 ` Tejun Heo
2008-09-03 21:51 ` Eric W. Biederman
2008-09-04 0:09 ` Tejun Heo
2008-08-29 11:31 ` [fuse-devel] " Roger Willcocks
2008-08-29 11:54 ` Tejun Heo
2008-08-28 20:48 ` Alan Cox
2008-08-28 18:02 ` Tejun Heo
2008-08-28 18:14 ` Greg KH
2008-08-28 18:25 ` Tejun Heo
2008-08-28 18:20 ` H. Peter Anvin
2008-08-28 18:28 ` Tejun Heo
2008-08-28 19:08 ` H. Peter Anvin
2008-08-28 19:18 ` Miklos Szeredi
2008-08-28 20:21 ` H. Peter Anvin
2008-08-28 20:55 ` Miklos Szeredi
2008-08-28 21:27 ` H. Peter Anvin
2008-08-29 7:32 ` Miklos Szeredi
2008-08-28 17:41 ` [PATCH 6/7] FUSE: implement unsolicited notification Tejun Heo
2008-08-28 17:41 ` [PATCH 7/7] FUSE: implement poll support Tejun Heo
2008-08-28 18:20 ` [PATCHSET] FUSE: extend FUSE to support more operations Miklos Szeredi
2008-08-28 18:23 ` Tejun Heo
2008-10-14 8:21 ` Tejun Heo
2008-10-14 9:37 ` Miklos Szeredi
2008-10-14 12:16 ` [fuse-devel] " Szabolcs Szakacsits
2008-10-14 12:43 ` Miklos Szeredi
[not found] ` <2cff7cb50810141032m5793a405h7425dfa122fb67ba@mail.gmail.com>
2008-10-14 21:04 ` Miklos Szeredi
2008-11-12 8:41 ` Tejun Heo
2008-11-12 9:14 ` Christoph Hellwig
2008-11-12 9:30 ` Tejun Heo
2008-11-12 9:36 ` Miklos Szeredi
2008-11-12 9:43 ` [fuse-devel] " Mike Hommey
2008-11-12 10:00 ` Miklos Szeredi
2008-11-13 5:54 ` Tejun Heo
2008-11-13 6:06 ` Tejun Heo [this message]
2008-11-13 11:19 ` Miklos Szeredi
2008-11-13 11:29 ` Tejun Heo
2008-11-13 11:57 ` Miklos Szeredi
2008-11-13 12:14 ` Tejun Heo
2008-11-13 6:26 ` Tejun Heo
2008-11-13 11:47 ` Miklos Szeredi
2008-11-13 11:54 ` Tejun Heo
2008-11-13 11:58 ` Miklos Szeredi
2008-11-13 12:34 ` Miklos Szeredi
2008-11-13 13:23 ` Tejun Heo
2008-11-13 13:42 ` Miklos Szeredi
2008-11-13 14:29 ` Tejun Heo
2008-11-13 14:48 ` Miklos Szeredi
2008-11-13 15:10 ` Tejun Heo
2008-11-13 15:52 ` Miklos Szeredi
2008-11-13 16:00 ` Tejun Heo
2008-11-17 9:17 ` Tejun Heo
2008-11-17 10:16 ` [fuse-devel] " Miklos Szeredi
2008-11-18 3:32 ` Tejun Heo
2008-11-18 9:33 ` Miklos Szeredi
2008-11-18 10:30 ` Tejun Heo
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=491BC3E3.7040903@kernel.org \
--to=tj@kernel.org \
--cc=fuse-devel@lists.sourceforge.net \
--cc=greg@kroah.com \
--cc=linux-kernel@vger.kernel.org \
--cc=miklos@szeredi.hu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).