From: Jun OKAJIMA (okajima_at_digitalinfra.co.jp)
Date: Mon 05 Sep 2005 - 12:01:41 BST
>> I mean, I can write to -o ro mounted dirs! Why?
>
>because the mainline kernel folks are lazy and
>Al Viro considers this a feature instead of a bug :)
>
Thanks and I understand why.
But, if so, something like this could happen,
even with your BME patch.
[Host] # mount -o bind,ro /etc /vserver/103/etc
[Host] # vserver 103 start
[103] # cat /etc/shadow
... you can see the shadowed passwords from the vserver.
I think a root under vserver should be like this:
1. for files under /vserver/103/* -> same as real root.
2. for files bind-mounted from host / -> same as normal user.
What is your opinion?
--- Okajima, Jun. Tokyo, Japan.
_______________________________________________
Vserver mailing list
Vserver_at_list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver
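
An added example, not part of the original post or of the Linux-VServer project: a host-side audit that flags host directories bind-mounted into a guest tree, since the `ro` option in the post's scenario blocks writes but not reads. It assumes guests live under /vserver/<id>/ on the same filesystem as the host root, that the kernel provides /proc/self/mountinfo (newer than the kernels of this thread), and that the SENSITIVE list and the sample lines are constructed for illustration.

```shell
#!/bin/sh
# Hypothetical list of host paths that should not be visible inside a guest.
SENSITIVE="/etc /root /var/lib"

# Reads mountinfo-format lines on stdin and prints one line per exposed bind:
#   <guest-id> <host-path> <mount-point> <mount-options>
# $1 is the base directory holding the guest trees (default /vserver).
find_exposed_binds() {
    awk -v base="${1:-/vserver}" -v sens="$SENSITIVE" '
    BEGIN { n = split(sens, s, " ") }
    {
        root = $4; mp = $5; opts = $6      # fixed mountinfo field positions
        # Only consider mount points inside a guest tree: base/<id>/...
        if (index(mp, base "/") != 1) next
        split(substr(mp, length(base) + 2), parts, "/"); id = parts[1]
        # root "/" is a whole filesystem (proc, tmpfs, ...), not a subdir bind.
        if (root == "/") next
        # A bind from the guest own tree does not expose host files.
        if (index(root, base "/" id "/") == 1) next
        # Flag the mount whether or not it is ro: ro does not limit reads,
        # so guest root can still read every file under the bound path.
        for (i = 1; i <= n; i++)
            if (root == s[i] || index(root, s[i] "/") == 1) {
                print id, root, mp, opts
                next
            }
    }'
}

# Constructed sample input; the second line is the bind mount from the post.
sample_mountinfo() {
    cat <<'EOF'
22 1 8:1 / / rw,relatime - ext4 /dev/sda1 rw
40 22 8:1 /etc /vserver/103/etc ro,relatime - ext4 /dev/sda1 rw
41 22 8:1 /srv/pkgcache /vserver/103/var/cache/pkg ro,relatime - ext4 /dev/sda1 rw
42 22 0:30 / /vserver/103/proc rw - proc proc rw
43 22 8:1 /vserver/104/home /vserver/104/mnt/home rw - ext4 /dev/sda1 rw
EOF
}

sample_mountinfo | find_exposed_binds /vserver
```

On a live host, run `find_exposed_binds /vserver < /proc/self/mountinfo` instead of the sample.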