On Tue, 2005-04-19 at 18:24, Eric Van Hensbergen wrote: > This is again related to the FUSE permission thread, but a slightly > different idea and without a slimy hack patch. > > I really want to enable users to be able to create private namespaces, > but I want to try and avoid creating a venerability by allowing them > to abuse system resources. It looks like this can be done by adding > RLIMIT_NEWNS as a per-user resource limit, and tracking the number of > private namespaces a user has in the user_struct. Any time a user > creates a private namespace (either via clone with CLONE_NEWNS) or any > other method, this limit is checked and the per user count is > incremented (in copy_namespace). When namespaces are cleaned up (in > __put_namespace), the per-user count is decremented. > > Is this sufficient to cover any exposure? What's the correct solution > for the shared sub-trees RFC? Should there be something similar for > user mounts/binds?
A new namespace in a shared subtree realm can create number-of- private-namespaces number of mounts or binds depending on the number of binds and mounts in the shared tree. for example if there were 10 shared vfsmounts in the original namespace, a new private namespace will duplicate 10 of these, and any mount or bind attempted in any of these vfsmounts will double the number of mounts and binds. Hence probably you may want to keep a tab on the number mounts and binds a user does, instead of keeping a tab on the number of namespaces a user creates. RP > > -eric > - > To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in > the body of a message to [EMAIL PROTECTED] > More majordomo info at http://vger.kernel.org/majordomo-info.html - To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
