On 07/03/2014 02:28 AM, Qu Wenruo wrote:
>
> -------- Original Message --------
> Subject: Re: [RFC PATCH] Revert "btrfs: allow mounting btrfs subvolumes with
> different ro/rw options"
> From: Goffredo Baroncelli <[email protected]>
> To: Qu Wenruo <[email protected]>, [email protected]
> Date: 2014年07月03日 01:48
>> On 07/01/2014 11:30 AM, Qu Wenruo wrote:
>>> This commit has the following problem:
>>> 1) Break the ro mount rule.
>>> When users mount the whole btrfs ro, it is still possible to mount
>>> subvol rw and change the contents. Which make the whole fs ro mount
>>> non-sense.
>> Where is the problem ? I see an use case when I want a conservative default:
>> mount all ro except some subvolumes.
>>
>> In any case it is not a security problem because if the user has the
>> capability to mount a subvolume, also he has the capability to remount,rw
>> the whole filesystem.
>>
>>
>>
> Not security problem but behavior not consistent.
> If user mount the whole disk ro, he or she want the fs read only and nothing
> will change in it.
> If you mount a subvol rw, then the whole disk ro expectation is broken.
> Things will change even the whole
> disk is readonly.
Sorry for bother you again, but there is a thing not clear to me:
If
# mount -o subvolid=5,ro /dev/sda1 /mnt/root
# mount -o subvol=subvolname,rw /dev/sda1 /mnt/subvolname
I suppose that
# touch /mnt/root/touch-test # 1
fails, and
# touch /mnt/subvolname/touch-test # 2
succeeded. I understood correctly ? If so this behaviour seems to me correctly.
Different is after mounting the subvolume "subvolumename", also the whole
filesystem results rw (eg: #1 succeeded).
G.Baroncelli
>
> The problem also happens when a parent subvol is mounted rw but child subvol
> is mounted ro.
> User can still modify the child subvol through parent subvol, still broke the
> readonly rule.
>
> Thanks,
> Qu
>
--
gpg @keyserver.linux.it: Goffredo Baroncelli (kreijackATinwind.it>
Key fingerprint BBF5 1610 0B64 DAC6 5F7D 17B2 0EDA 9B37 8B82 E0B5
--
To unsubscribe from this list: send the line "unsubscribe linux-btrfs" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
