> You have removed the code that checked if the peer or > master mount was in the same namespace before reporting their > corresponding mount-ids. One downside of that approach is the > user will see an mount_id in the output with no corresponding > line to explain the details of the mount_id. Before the change, the peer and master ID's were basically randomly chosen from the peers, which means, it wasn't possible to always determine, that two mounts were peers, or that they were slaves to the same peer group. After the change, this is possible, since the peer ID will be the same for all mounts which are peers. This means, that even though the peer ID might be in a different namespace, it is possible to determine all peers within the same namespace by comparing their peer ID's. > > And reporting the mount-id of a mount is some other namespace > could subtly mean information-leak? I don't think the mount ID itself can be sensitive, it really doesn't contain any information, other than being an identifier. > One other comment I had received offline from Steve French was > that the patch did not consider the following case: > > "Have you thought about whether this could handle the case in which cifs mounts with > a relative path e.g. currently > mount -t cifs //server/share /mnt > > can not be distinguished from > mount -t cifs //server/share/subdirectory /mnt > > when you run the mount command (ie the cifs "prefixpath" in this case > "/subdirectory" is not displayed)" Why cifs not displaying '//server/share/subdirectory' as the source of the mount? Miklos - To unsubscribe from this list: send the line "unsubscribe util-linux-ng" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html