Re: [PATCH 0/4] export/fuse: Allow other users access to the export

qemu-block

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH 0/4] export/fuse: Allow other users access to the export

From:	Max Reitz
Subject:	Re: [PATCH 0/4] export/fuse: Allow other users access to the export
Date:	Mon, 21 Jun 2021 19:18:17 +0200
User-agent:	Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.10.1

On 21.06.21 18:12, Kevin Wolf wrote:

Am 14.06.2021 um 16:44 hat Max Reitz geschrieben:

Hi,

With the default mount options, FUSE mounts are not accessible to any
users but the one who did the mount, not even to root.  To allow such
accesses, allow_other must be passed.

This is probably useful to some people (it certainly is to me, e.g. when
exporting some image as my normal user, and then trying to loop mount it
as root), so this series adds a QAPI allow-other bool that will make the
FUSE export code pass allow_other,default_permissions to FUSE.

(default_permissions will make the kernel do the usual UNIX permission
checks, which is something that makes a lot of sense when allowing other
users access to the export.)

This also requires our SETATTR code to be able to handle permission
changes, though, so the user can then run chmod/chown/chgrp on the
export to adjust its permissions to their need.

The final patch adds a test.

If there is even a use case for leaving the option off (not trusting
root?), it must certainly be the less common case? So I'm not sure if
allow-other should be an option at all, but if it is, enabling it by
default would make more sense to me.

Is there a reason why you picked false as the default, except that it is
the old behaviour?


No. :)

Well, mostly. I also thought, if FUSE thinks allow_other shouldn’t bethe default, who am I to decide otherwise.

Now that I tried to find out why FUSE has it as the default (I onlyremember vague “security reasons”), I still couldn’t find out why, but Idid find that using this option as non-root user requires /etc/fuse.confto have user_allow_other in it, which I don’t think we can require.

So I think it must be an option. As for which value should be thedefault, that probably depends on how common having user_allow_other in/etc/fuse.conf is. I know I never put it there, and it’s both on myFedora and my Arch system. So I guess it seems rather common?

Max

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [PATCH 3/4] export/fuse: Let permissions be adjustable, (continued)
- [PATCH 1/4] export/fuse: Add allow-other option, Max Reitz, 2021/06/14
  - Re: [PATCH 1/4] export/fuse: Add allow-other option, Kevin Wolf, 2021/06/22
- [PATCH 4/4] iotests/308: Test allow-other, Max Reitz, 2021/06/14
  - Re: [PATCH 4/4] iotests/308: Test allow-other, Kevin Wolf, 2021/06/22
    - Re: [PATCH 4/4] iotests/308: Test allow-other, Max Reitz, 2021/06/22
- [PATCH 2/4] export/fuse: Give SET_ATTR_SIZE its own branch, Max Reitz, 2021/06/14
  - Re: [PATCH 2/4] export/fuse: Give SET_ATTR_SIZE its own branch, Kevin Wolf, 2021/06/22
- Re: [PATCH 0/4] export/fuse: Allow other users access to the export, Kevin Wolf, 2021/06/21
  - Re: [PATCH 0/4] export/fuse: Allow other users access to the export, Max Reitz <=

Prev by Date: Re: [PATCH 0/4] export/fuse: Allow other users access to the export
Next by Date: Re: [PATCH 5/6] block/nbd: Do not force-cap *pnum
Previous by thread: Re: [PATCH 0/4] export/fuse: Allow other users access to the export
Next by thread: [PATCH v2] hw/nvme: be more careful when deasserting IRQs
Index(es):
- Date
- Thread