Hi, Thanks for letting me know about this discussion. Serge is correct. By allowing this flag, an un-privileged user can mount aufs filesystem within the user namespace and the administrator needs to be aware of this. However, I am not sure about the harm in letting an unprivileged user mount the aufs filesystem. The file permissions cannot be violated even in a user namespace.
As Eric said: "The rule with filesystems like that is mounting them needs to be no more dangerous than bind mounting them." And I think, this is true for aufs filesystem. Please correct me if I am wrong. Thanks, Bhushan ________________________________________ From: sf...@users.sourceforge.net [sf...@users.sourceforge.net] Sent: Wednesday, July 17, 2013 9:57 AM To: Bhushan Jain; aufs-users@lists.sourceforge.net Subject: Re: Aufs support for Linux User namespace sf...@users.sourceforge.net: > Bhushan Jain: > > Attached is a sample code that creates a user namespace and maps the un-pri= > > vileged user to root within the namespace.=0A= > > The user namespace can be used for sandboxing. Having aufs support within t= > > he user namespace can help create a chroot environment where multiple direc= > > tories are united into a single filesystem.=0A= > > Thanks for the sample code. > Personally, user-ns is not attractive for me, at the same time I don't > have strong objection. So I will merge your patch. Intrestingly, very similar discussion happened on LKML. See this and its thread. Date: Tue, 16 Jul 2013 14:29:20 -0500 From: Serge Hallyn <serge.hal...@ubuntu.com> Subject: [PATCH RFC] allow some kernel filesystems to be mounted in a user namespace The patch sets FS_USERNS_MOUNT for debugfs, fuse and securityfs. But at the end of the thread, he wrote Right so the specific problem this patch introduces is: An admin who is using a distro kernel with these filesystems enabled but not mounted, without this patch does not have to worry about unprivileged users being able to access the fs. With this patch, he does. Thanks everyone, I withdraw this patch. If such problem really exists, it might be better for aufs NOT to set FS_USERNS_MOUNT I suppose. J. R. Okajima ------------------------------------------------------------------------------ See everything from the browser to the database with AppDynamics Get end-to-end visibility with application monitoring from AppDynamics Isolate bottlenecks and diagnose root cause in seconds. Start your free trial of AppDynamics Pro today! http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk