On Sat, Jun 06, 2015 at 09:19:40AM +0200, U.Mutlu wrote: > I posted hello.c (a FUSE demo) in this thread. It is IMO even more secure > than the private namespace mount method. The simple reason is: > because granting access to the volume (or to a single dir/file) > is done inside that user-code itself, ie. the user/owner controls > whom he actually gives access. > I'm sorry to say this, but this simply proves your last statement above wrong. So the root user ptraces the FUSE daemon, and it's all she wrote. - Ted -- To unsubscribe from this list: send the line "unsubscribe linux-ext4" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
