On Mon, Sep 05, 2005 at 08:01:41PM +0900, Jun OKAJIMA wrote:
> >> I mean, I can write -o ro mounted dirs!. Why?
> >
> >because the mainline kernel folks are lazy and
> >Al Viro considers this a feature instead of a bug :)
> >
> 
> Thanks and I understand why.
> But, if so, something like this could happen,
> even with your BME patch.
> 
> [Host] # mount -o bind,ro /etc /vserver/103/etc
> [Host] # vserver 103 start
> [103] # cat /etc/shadow
> ....you can see shadowed passes from vserver.
> 
> I think a root under vserver should be like this:
> 1. for files under /vserver/103/*      -> same as real root.
> 2. for files bind-mounted from host /  -> same as normal user.

that would add additional policy to the kernel
which is a) not required and b) limiting, because
what if somebody wants to share a dir between two
guests via --bind mounts?

also do not forget that usually linux-vserver guests
have a separate namespace, so --bind mounts done
on the host system are not necessarily present in
the guest namespace ...

> your opinion is?

that is part of the host administration process.
as admin, you should _always_ know what you are
doing, and what the possible implications are ...

--bind mounting the host /etc into a guest is
playing with fire in any case ... so simply just
don't do it unless guest root is trusted.

best,
Herbert

>                 --- Okajima, Jun. Tokyo, Japan.
_______________________________________________
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver
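
A host-side check for the situation discussed in this thread, as an added example that is not part of the original messages or of the linux-vserver project: it lists host directories that are bind-mounted into a guest tree, whether or not the mount is marked ro. Assumptions: guests live under /vserver/<id>/, the watched directories sit on the host root filesystem, the kernel provides /proc/self/mountinfo, and the watch list and function names are hypothetical.

```shell
#!/bin/sh
# Added example: flag sensitive host directories bind-mounted into guests.
# In mountinfo, field 4 is the mount's root within its filesystem, field 5
# the mount point and field 6 the mount options. A bind mount of host /etc
# therefore shows root "/etc" (assumes /etc is on the host root filesystem).

SENSITIVE_DIRS="/etc /root /boot"   # hypothetical watch list
GUEST_BASE="/vserver"               # guest tree, as in the thread

# Constructed sample input in mountinfo format (not captured from a system).
sample_mountinfo() {
    cat <<'EOF'
21 1 8:1 / / rw,relatime - ext4 /dev/sda1 rw
40 21 8:1 /etc /vserver/103/etc ro,relatime - ext4 /dev/sda1 rw
41 21 8:1 /srv/shared /vserver/103/shared rw,relatime - ext4 /dev/sda1 rw
42 21 8:1 /srv/shared /vserver/104/shared rw,relatime - ext4 /dev/sda1 rw
43 21 8:2 / /vserver/104 rw,relatime - ext4 /dev/sda2 rw
EOF
}

# Reads mountinfo on stdin, prints one line per sensitive bind mount.
audit_bind_mounts() {
    awk -v base="$GUEST_BASE" -v dirs="$SENSITIVE_DIRS" '
    BEGIN { n = split(dirs, d, " ") }
    {
        root = $4; mp = $5; opts = $6
        # Only mounts that land inside a guest tree are of interest.
        if (index(mp, base "/") != 1) next
        for (i = 1; i <= n; i++) {
            # Hit when the root is a watched directory or lies below one.
            if (root == d[i] || index(root, d[i] "/") == 1) {
                printf "%s <- host %s (%s)\n", mp, root, opts
                break
            }
        }
    }'
}

# Demo on the constructed sample; on a host: audit_bind_mounts < /proc/self/mountinfo
sample_mountinfo | audit_bind_mounts
```

The directory shared between guests 103 and 104 is not reported, only the host /etc mount is. Run it in the host namespace, since guest namespaces may not see the same mounts.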
