On 12/26/24 21:13, Shakeel Butt wrote: > On Tue, Dec 24, 2024 at 01:37:49PM +0100, David Hildenbrand wrote: >> On 23.12.24 23:14, Shakeel Butt wrote: >>> On Sat, Dec 21, 2024 at 05:18:20PM +0100, David Hildenbrand wrote: >>>> >>> >>> I think you have valid concerns but these are not new and not unique to >>> fuse. Any filesystem with a potential arbitrary stall can have similar >>> issues. The arbitrary stall can be caused due to network issues or some >>> faultly local storage. >> >> What concerns me more is that this is can be triggered by even unprivileged >> user space, and that there is no default protection as far as I understood, >> because timeouts cannot be set universally to a sane defaults. >> >> Again, please correct me if I got that wrong. >> > > Let's route this question to FUSE folks. More specifically: can an > unprivileged process create a mount point backed by itself, create a > lot of dirty (bound by cgroup) and writeback pages on it and let the > writeback pages in that state forever? libfuse provides 'fusermount' which has the s-bit set. I think most distributions take that over into their libfuse packages. The fuse-server process then continues to run as arbitrary user.
