[Devel] Re: [patch 7/8] allow unprivileged mounts
Eric W. Biederman
ebiederm at xmission.com
Sat Apr 21 14:00:16 PDT 2007
Jan Engelhardt <jengelh at linux01.gwdg.de> writes:
> On Apr 21 2007 10:57, Eric W. Biederman wrote:
>>
>>> tmpfs!
>>
>>tmpfs is a possible problem because it can consume lots of ram/swap.
>>Which is why it has limits on the amount of space it can consume.
>
> Users can gobble up all RAM and swap already today. (Unless they are
> confined into an rlimit, which, in most systems, is not the case.)
> And in case /dev/shm exists, they can already fill it without running
> into an rlimit early.

There are systems that care about rlimits and there is a strong intersection
between caring about rlimits and user mounts. Although I do agree that
it looks like we have gotten lazy with the default mount options for
/dev/shm.

Going a little farther, any filesystem that is safe to put on a usb
stick and mount automatically should ultimately be safe for unprivileged
mounts as well.

So it looks to me like ultimately most of the common filesystems will actually
be safe for non-privileged mounting.

Regardless, this looks like an important discussion as soon as we have the
glitches out of the non-privileged mount code.

Eric
_______________________________________________
Containers mailing list
Containers at lists.linux-foundation.org
https://lists.linux-foundation.org/mailman/listinfo/containers