Thread: 2 messages, 2 authors, 2013-08-15

Re: DoS with unprivileged mounts

From: Miklos Szeredi <miklos@szeredi.hu>
Date: 2013-08-15 04:59:59
Also in: lkml

On Wed, Aug 14, 2013 at 9:32 PM, Eric W. Biederman
[off-list ref] wrote:
> > The solution is also theoretically simple: mounts in unpriv namespaces
> > are marked "volatile" and are dissolved on an unlink type operation.
>
> Such volatile mounts would be useful in general too.

Agreed.

> This is a problem that is a general pain with mount namespaces in
> general.
>
> I think the real technical hurdle is finding the mounts in some random
> mount namespace.  Once we can do that relatively efficiently the rest
> becomes simple.

We already have a "struct mountpoint" hashed on the dentry.  Chaining
mounts on that mountpoint would be trivial.  And we need a
MNT_VOLATILE flag and that's it.  If we fear that traversing the list
of mounts on the dentry to check for non-volatile ones then we could
also add a separate volatile counter to struct mountpoint and a
matching flag to the dentry.  But I don't think that's really
necessary.

Thanks,
Miklos
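The design sketched in this message, as an added user-space model that is neither kernel code nor anything posted in the thread: a mountpoint looked up by dentry chains the mounts stacked on it, each mount carries a flags word, and an unlink-type operation walks the chain. If any mount on the dentry lacks the volatile flag the operation fails with EBUSY, which is how an unprivileged mount can pin a path today; if all of them are volatile they are dissolved and the unlink proceeds. The structure and function names, the MNT_VOLATILE bit value, the per-mountpoint counter (the optional optimisation the message mentions) and the sample paths are all assumptions made for this model.

```c
/* Added example: toy model of volatile mounts dissolved on unlink.
 * Not from the thread or from the kernel; names and values are assumed. */
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>

#define MNT_VOLATILE 0x1   /* hypothetical flag: mount dies when its mountpoint is unlinked */

struct mount {
    const char *source;         /* what is mounted, for display only */
    unsigned int flags;
    struct mount *next_on_mp;   /* chain of mounts sharing one mountpoint */
};

struct mountpoint {
    const char *dentry;         /* a path standing in for the dentry */
    struct mount *mounts;       /* head of the chain hanging off this dentry */
    unsigned int n_mounts;
    unsigned int n_volatile;    /* the optional counter from the message */
};

/* Stack a mount on mp (a plain list insert standing in for attach_mnt()).
 * The mount is owned by the chain until dentry_unlink() frees it. */
struct mount *mp_add_mount(struct mountpoint *mp, const char *source,
                           unsigned int flags)
{
    struct mount *m = calloc(1, sizeof(*m));
    if (!m)
        return NULL;
    m->source = source;
    m->flags = flags;
    m->next_on_mp = mp->mounts;
    mp->mounts = m;
    mp->n_mounts++;
    if (flags & MNT_VOLATILE)
        mp->n_volatile++;
    return m;
}

/* True when every mount on mp may be dissolved. Uses the counter so the
 * check is O(1) instead of walking the chain. */
int mp_all_volatile(const struct mountpoint *mp)
{
    return mp->n_volatile == mp->n_mounts;
}

/* Model of the unlink/rmdir path. Returns 0 once the name is gone and all
 * volatile mounts are dissolved, -EBUSY when a non-volatile mount pins it. */
int dentry_unlink(struct mountpoint *mp)
{
    if (!mp_all_volatile(mp))
        return -EBUSY;
    while (mp->mounts) {
        struct mount *m = mp->mounts;
        mp->mounts = m->next_on_mp;
        free(m);                /* dissolve the volatile mount */
    }
    mp->n_mounts = 0;
    mp->n_volatile = 0;
    return 0;
}

int main(void)
{
    /* constructed scenario: an unprivileged namespace has stacked two mounts
     * over a path the directory owner wants to remove */
    struct mountpoint victim = { .dentry = "/home/alice/tmp" };
    mp_add_mount(&victim, "tmpfs", MNT_VOLATILE);
    mp_add_mount(&victim, "bind", MNT_VOLATILE);
    printf("unlink %s -> %d (mounts left: %u)\n", victim.dentry,
           dentry_unlink(&victim), victim.n_mounts);

    /* a privileged, non-volatile mount keeps today's EBUSY behaviour */
    struct mountpoint sysmp = { .dentry = "/mnt/data" };
    mp_add_mount(&sysmp, "ext4", 0);
    printf("rmdir %s -> %d (EBUSY is %d)\n", sysmp.dentry,
           dentry_unlink(&sysmp), -EBUSY);
    return 0;
}
```

The point of the model is the second case: an unprivileged mount namespace cannot convert a mount over someone else's directory into a permanent EBUSY, because everything it mounted is volatile and goes away with the name, while mounts made without the flag are still protected exactly as before.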