Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S262409AbVDLOpP (ORCPT ); Tue, 12 Apr 2005 10:45:15 -0400 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S262344AbVDLOoR (ORCPT ); Tue, 12 Apr 2005 10:44:17 -0400 Received: from mail.shareable.org ([81.29.64.88]:13984 "EHLO mail.shareable.org") by vger.kernel.org with ESMTP id S262260AbVDLOhW (ORCPT ); Tue, 12 Apr 2005 10:37:22 -0400 Date: Tue, 12 Apr 2005 15:37:07 +0100 From: Jamie Lokier To: "Bodo Eggert " <7eggert@gmx.de> Cc: Miklos Szeredi , dan@debian.org, linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org, hch@infradead.org, akpm@osdl.org, viro@parcelfarce.linux.theplanet.co.uk Subject: Re: [RFC] FUSE permission modell (Was: fuse review bits) Message-ID: <20050412143707.GD10995@mail.shareable.org> References: <3S8oN-So-27@gated-at.bofh.it> <3S8oM-So-7@gated-at.bofh.it> <3S9b7-1yl-1@gated-at.bofh.it> <3S9uB-1Lj-3@gated-at.bofh.it> <3SbG5-3Mb-41@gated-at.bofh.it> <3ScC1-4zl-1@gated-at.bofh.it> <3ScLO-4GA-9@gated-at.bofh.it> <3SdeV-54h-21@gated-at.bofh.it> <3SeXf-6BK-21@gated-at.bofh.it> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.4.1i Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1231 Lines: 28 Bodo Eggert wrote: > >> That is exactly the intended effect. If I'm at my work machine (where > >> I'm not an admin unfortunately) and I mount my home machine with sshfs > >> (because FUSE is installed fortunately :), then I bloody well don't > >> want the sysadmin or some automated script of his to go mucking under > >> the mountpoint. > > > > I think that would be _much_ nicer implemented as a mount which is > > invisible to other users, rather than one which causes the admin's > > scripts to spew error messages. Is the namespace mechanism at all > > suitable for that? > > This will require shared subtrees plus a way for new logins from the same > user to join an existing (previous login) namespace. Or "per-user namespaces". It's part of a more general problem of how you limit access to private data such as crypto keys, either per user, or more finely than that. Isn't that what all the keyring stuff is for? -- Jamie - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/