On 2012-9-14 5:26, Eric W. Biederman wrote: > Zhao Hongjiang <zhaohongjiang37@xxxxxxxxx> writes: > >> From: Zhao Hongjiang <zhaohongjiang@xxxxxxxxxx> >> >> Relax the permission checks to allow unprivileged users that have >> CAP_SYS_ADMIN permissions in the user namespace referred to by the >> current mount namespace to be allowed to remount filesystems. > > Remount in general make filesystem configuration changes not mount level > changes. > > In general remount is not safe for unprivielged users. > > Do you have a use case where you need to remount a filesystem? As we can do a umount+mount,I don't see why remount operation is not allowed. Shouldn't we add checks in remount path in the specific filesystem to ensure safety instead when we enable unprivilleged mount? > > Eric > _______________________________________________ Containers mailing list Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linuxfoundation.org/mailman/listinfo/containers
