Andries Brouwer wrote:
> So many setups are based on the physical separation of parts of the
> tree. What would happen with "chown -R"? It really cannot be used
> anymore (without my --from option). "rm -r"? Just the same - I create
> a 10 GB tree in /tmp, wait until the sysadmin does the "rm -rf", and
> then quickly use bind to attach some interesting stuff to this tree.

For most uses, the illusion of multiple mounts is provided very nicely
by symbolic links. It works, and programs which should not be confused
can make a point of not following links. For example a program that
does "rm -rf" in /tmp.

So what use is mount -t bind?

One use is to hide the fact that anything is linked. This it does very
well. Disturbingly well :-) I don't know of a legitimate use for this.

Another use is to link out of chroot jails, or other directory
protection domains. This is a nice feature -- but it could also be
implemented with a semantic extension to symbolic links. This would be
nice because the link would still be clearly distinguished as such.

> In fact I think that the present implementation was a mistake.
> We do not want a bind without privileges and with global effect.
> We want the bind that one user does to affect only his own namespace.
> Only root should be able to affect other people's namespace.

I still don't see _any_ reason for the new vfsmnt/dentry stuff. What do
you gain? The ability to mount devfs in chroot jails. In a chroot
jail, you don't want the same devfs tree as you find in /dev anyway.

What do you lose? The vfs data structure is even more complicated now,
with yet another layer of indirection. And the user space view of
filesystems is more complicated too.

I'm sure it's very clever, but I really don't see the point.
This archive was generated by hypermail 2b29 : Wed Jun 07 2000 - 21:00:16 EST
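
The "rm -rf that does not follow links" point from the message above, as an added example that is not part of the original thread or of any tool named in it: a recursive delete that works through directory file descriptors, never follows a symlink, and stops where the device number changes. The names `remove_tree` and `demo` and the sample tree are constructed for illustration; the comment in the code notes the case the device check cannot see, which is the one the thread worries about.

```python
import os
import stat
import tempfile

def remove_tree(name, dir_fd=None, root_dev=None):
    """Delete `name` (resolved relative to dir_fd) without following symlinks
    or crossing onto another device. Returns the paths left in place."""
    st = os.lstat(name, dir_fd=dir_fd)
    if not stat.S_ISDIR(st.st_mode):
        os.unlink(name, dir_fd=dir_fd)  # removes a symlink itself, never its target
        return []
    if root_dev is None:
        root_dev = st.st_dev
    if st.st_dev != root_dev:
        # Different device: something is mounted here, leave it alone.
        # Caveat: a bind mount taken from the same filesystem reports the
        # same st_dev, so this check cannot see it.
        return [name]
    # O_NOFOLLOW makes the open fail if the directory was replaced by a
    # symlink after the lstat above.
    fd = os.open(name, os.O_RDONLY | os.O_DIRECTORY | os.O_NOFOLLOW, dir_fd=dir_fd)
    skipped = []
    try:
        opened = os.fstat(fd)
        if (opened.st_dev, opened.st_ino) != (st.st_dev, st.st_ino):
            return [name]  # swapped between lstat and open
        for entry in os.listdir(fd):
            for s in remove_tree(entry, dir_fd=fd, root_dev=root_dev):
                skipped.append(os.path.join(name, s))
    finally:
        os.close(fd)
    if not skipped:
        os.rmdir(name, dir_fd=dir_fd)
    return skipped

def demo():
    """Constructed sample: a tree holding a symlink to a directory outside it."""
    base = tempfile.mkdtemp()
    outside = os.path.join(base, "outside")
    tree = os.path.join(base, "tree")
    os.makedirs(os.path.join(tree, "a", "b"))
    os.mkdir(outside)
    keep = os.path.join(outside, "keep.txt")
    open(keep, "w").close()
    open(os.path.join(tree, "a", "b", "junk"), "w").close()
    os.symlink(outside, os.path.join(tree, "link"))
    skipped = remove_tree(tree)
    return skipped, os.path.exists(tree), os.path.exists(keep)

if __name__ == "__main__":
    print(demo())
```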