James Bottomley <James.Bottomley@xxxxxxxxxxxxxxxxxxxxx> writes: > The point here is, this patch set is simply mechanism; it requires a > glue layer (like shiftfs, fuse or the vfs remapping proposal) to > activate it. Well ext4 can be used directly and Seth has basic patches for that support. The modifications needed are quite modest. The problem with ext4 is that a malicious ext4 filesystem image might be able to do something nasty to the kernel. How to create a maintainable high performance filesystem that can guard against malicious filesystem images is an open problem right now. Which makes ext4 a poor target for unprivileged mounts. Fuse is a good target because guarding against malicious input from userspace is part of it's orginial design. The new novel mechanism is handling INVALID_UID and INVALID_GID at the VFS layer so that filesystems who have translations in play (which will be anything not mounted by the global root) won't have to get all of the weird corner cases right on their own. To that end I will be very interested to see what shiftfs looks like on top of all of this. Eric -- To unsubscribe from this list: send the line "unsubscribe linux-api" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html