On Wed, Oct 16, 2019 at 05:01:57PM +0100, Stefan Hajnoczi wrote: [..] > + /* > + * If the mounts have shared propagation then we want to opt out so our > + * mount changes don't affect the parent mount namespace. > + */ > + if (mount(NULL, "/", NULL, MS_REC|MS_SLAVE, NULL) < 0) { > + fuse_log(FUSE_LOG_ERR, "mount(/, MS_REC|MS_SLAVE): %m\n"); > + exit(1); > + }
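
Review bot: The comment above the mount(NULL, "/", NULL, MS_REC|MS_SLAVE, NULL) call documents only one direction of propagation. MS_SLAVE stops this namespace's mount changes from reaching the parent, but mount and unmount events in the parent still propagate into this namespace. If receiving those events is intended, state it in the comment; if the namespace is meant to be fully isolated, MS_REC|MS_PRIVATE would be the flag to use. The comment also reads as conditional ("If the mounts have shared propagation") while the call is made unconditionally, so it would be clearer to word it as "mark everything as slave so that ...".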

So we will get mount propagation from the parent but our mounts will not
propagate back. Sounds reasonable.

Can we take away CAP_SYS_ADMIN from virtiofsd? That way it will not be
able to do mount at all. I am wondering whether we are dependent on the
daemon having CAP_SYS_ADMIN.

Thanks
Vivek