On Wed, Sep 17, 2014 at 04:54:48AM +0100, Al Viro wrote: > On Tue, Sep 16, 2014 at 11:05:00PM -0400, Shea Levy wrote: > > Hi all, > > > > What work would be required to mark btrfs_fs_type with FS_USERNS_MOUNT > > so that btrfs images can be mounted by unprivileged users within a user > > namespace (along with something like [1])? I'd like to be able to create > > disk images without having to start a VM (and --rootdir isn't flexible > > enough because I want to make subvolumes). > > Er... Which is to say, you have an audit of btrfs code making sure that > it can cope with arbitrary image hand-crafted by potential attacker?
It definitely can't cope. The easiest places to find bugs are the hundreds of BUG_ON() sites, many can be triggered by on-disk structures. The sheer volume of those makes me trust that you could find much worse if you did a thorough audit. - z (fun related fact: distros automount btrfs images) -- To unsubscribe from this list: send the line "unsubscribe linux-btrfs" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
