Re: [RFC PATCH] Revert "btrfs: allow mounting btrfs subvolumes with different ro/rw options"

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 07/03/2014 02:28 AM, Qu Wenruo wrote:
> 
> -------- Original Message --------
> Subject: Re: [RFC PATCH] Revert "btrfs: allow mounting btrfs subvolumes with different ro/rw options"
> From: Goffredo Baroncelli <kreijack@xxxxxxxxx>
> To: Qu Wenruo <quwenruo@xxxxxxxxxxxxxx>, linux-btrfs@xxxxxxxxxxxxxxx
> Date: 2014年07月03日 01:48
>> On 07/01/2014 11:30 AM, Qu Wenruo wrote:
>>> This commit has the following problem:
>>> 1) Break the ro mount rule.
>>> When users mount the whole btrfs ro, it is still possible to mount
>>> subvol rw and change the contents. Which make the whole fs ro mount
>>> non-sense.
>> Where is the problem ? I see an use case when I want a conservative default: mount all ro except some subvolumes.
>>
>> In any case it is not a security problem because if the user has the capability to mount a subvolume, also he has the capability to remount,rw the whole filesystem.
>>
>>
>>
> Not security problem but behavior not consistent.
> If user mount the whole disk ro, he or she want the fs read only and nothing will change in it.
> If you mount a subvol rw, then the whole disk ro expectation is broken. Things will change even the whole
> disk is readonly.

Sorry for bother you again, but there is a thing not clear to me:

If

    # mount -o subvolid=5,ro /dev/sda1 /mnt/root
    # mount -o subvol=subvolname,rw /dev/sda1 /mnt/subvolname

I suppose that 

    # touch /mnt/root/touch-test 		# 1

fails, and

    # touch /mnt/subvolname/touch-test		# 2

succeeded. I understood correctly ? If so this behaviour seems to me correctly.
Different is after mounting the subvolume "subvolumename", also the whole filesystem results rw (eg: #1 succeeded).

G.Baroncelli





> 
> The problem also happens when a parent subvol is mounted rw but child subvol is mounted ro.
> User can still modify the child subvol through parent subvol, still broke the readonly rule.
> 
> Thanks,
> Qu
> 


-- 
gpg @keyserver.linux.it: Goffredo Baroncelli (kreijackATinwind.it>
Key fingerprint BBF5 1610 0B64 DAC6 5F7D  17B2 0EDA 9B37 8B82 E0B5
--
To unsubscribe from this list: send the line "unsubscribe linux-btrfs" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[Index of Archives]     [Linux Filesystem Development]     [Linux NFS]     [Linux NILFS]     [Linux USB Devel]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]

  Powered by Linux