Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1755389AbcDLBcx (ORCPT ); Mon, 11 Apr 2016 21:32:53 -0400 Received: from zeniv.linux.org.uk ([195.92.253.2]:57171 "EHLO ZenIV.linux.org.uk" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750719AbcDLBcw (ORCPT ); Mon, 11 Apr 2016 21:32:52 -0400 Date: Tue, 12 Apr 2016 02:31:36 +0100 From: Al Viro To: "H. Peter Anvin" Cc: Linus Torvalds , Andy Lutomirski , security@debian.org, security@kernel.org, "security@ubuntu.com >> security" , Peter Hurley , "Eric W. Biederman" , Serge Hallyn , Willy Tarreau , Aurelien Jarno , One Thousand Gnomes , Jann Horn , Greg KH , Linux Kernel Mailing List , Jiri Slaby , Florian Weimer Subject: Re: [PATCH 01/13] devpts: Teach /dev/ptmx to find the associated devpts via path lookup Message-ID: <20160412013136.GM25498@ZenIV.linux.org.uk> References: <20160409140909.42315e6d@lxorguk.ukuu.org.uk> <83FE8CD2-C0A2-4ADB-AEBD-8DD89AD4F88A@zytor.com> <87bn5ij0x1.fsf@x220.int.ebiederm.org> <78205895-E11D-417F-91DC-4BCA0B61A122@zytor.com> <186305CD-6D16-494A-B76E-299E1A85CF7A@zytor.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <186305CD-6D16-494A-B76E-299E1A85CF7A@zytor.com> User-Agent: Mutt/1.5.21 (2010-09-15) Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 589 Lines: 9 On Mon, Apr 11, 2016 at 07:48:28AM -0700, H. Peter Anvin wrote: > Here is an entire different approach, I don't know if it is sane or not: when *mounting* the devpts filesystem, it could automagically create the bins mount for ptmx in the parent of its mount point. Presumably the would be a mount option to disable that behavior. > > Does anyone see an obvious problem with that? Yes. ->mount() doesn't (and fucking *shouldn't*) know anything about the mountpoint to be. Not to mention that the same superblock can easily end up being visible in many places, etc. This is insane.