I don't see how it is possible to implement what you are suggesting
without every inode operation having to follow a chain of inodes
before doing the real operation. It seems a lot of work for not much gain.
> > I don't actually see the point of implementing a read-only loopback
> > mount. There are already protection mechanisms in the kernel to
> > prevent one user from writing to another user's files. If you need to
> > run a program so that it cannot write to any files, just run the
> > program under a different uid.
>
> I guess you never notice the CERT security notices, then?
Are you suggesting that on Linux, one user can write to another's
files? (I'm assuming that people aren't stupid enough to have world
writable files etc.) If so, that's a bug that should be fixed.
If not, could you give a few more details rather than cryptic
comments?
Peter
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/