Ubuntu

Support mounts by unprivileged users

Registered by Serge Hallyn on 2010-10-14

Much work has been done to safely support mounting (especially bind
mounts) by unprivileged users. The last attempt (in 2008) to push this
functionality stopped the problem of possible DOS on rmdir/unlink
by unprivileged users, as documented at

http://lkml.org/lkml/2008/9/11/162

Working with the community on a workaround and finally pushing this
functionality could allow a pretty great reduction in the amount
of root access needed to do useful mounting.

Read the full specification

Blueprint information

Status:: Complete

Approver:: Robbie Williamson

Priority:: Undefined

Drafter:: Serge Hallyn

Direction:: Needs approval

Assignee:: Serge Hallyn

Definition:: Obsolete

Series goal:: None

Implementation:: Unknown

Milestone target:: None

Completed by: Serge Hallyn on 2011-05-18

Related branches

Related bugs

Sprints

uds-n

Whiteboard

Work Items:
[kees] Review patch and summarize analysis/objections/attack vectors: TODO
[serge-hallyn] Follow up on patch to fix scm credentials across userns (ebiederman's patch is in): DONE

(?)

Work Items

This blueprint contains Public information

Everyone can see this information.

Subscribers

Bilal Akhtar

Chad Miller

Colin Watson

Evan Broder

John Johansen

Luke Yelavich

Marc Deslauriers

Omer Akram

Serge Hallyn

Stefano Rivera

Steve Beattie

Ubuntu Security Team