Re: -mm -> 2.6.13 merge status (fuse)

[Miklos Szeredi]

> I don't think this should be objectionable, since we already have
> times when root-owned tasks can get EACCESS when accessing some
> filesystem.  This can happen with any distributed filesystem that
> enforces real security --- whether it be nfs-root-squash, or the
> Andrew Filesystem, or NFSv4.  Root can get "permission denied" when
> some other userid with appropriate credentials would be allowed to
> access the file/directory.

Right.

> On the other hand, sometimes a root process, or some other user's
> process, might _want_ to give permission to allow a trusted FUSE
> filesystem the potential to monkey with it (return potentially
> untrusted information, or stop it entirely), in exchange for access to
> the filesystem.  So it would be nice if there was some way that a
> process could tell the kernel that it is willing to give permission to
> allow certain FUSE filesystems to potentially affect it.  Say, via a
> fnctl() call, perhaps.

Hmm.  'su' works for root.  

How do you think fcntl() could be used?  I think a task flag settable
via prctl() would be more appropriate.

Miklos
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/