From owner-freebsd-hackers Mon Jul 26 7:42: 1 1999 Delivered-To: freebsd-hackers@freebsd.org Received: from acl.lanl.gov (acl.lanl.gov [128.165.147.1]) by hub.freebsd.org (Postfix) with ESMTP id DBBFB14D87 for ; Mon, 26 Jul 1999 07:41:56 -0700 (PDT) (envelope-from rminnich@acl.lanl.gov) Received: from n04.acl.lanl.gov (rminnich@n04.acl.lanl.gov [128.165.147.201]) by acl.lanl.gov (8.8.8/8.8.5) with ESMTP id IAA277116 for ; Mon, 26 Jul 1999 08:40:04 -0600 (MDT) Received: from localhost (rminnich@localhost) by n04.acl.lanl.gov (8.8.8/8.8.8) with ESMTP id IAA222924 for ; Mon, 26 Jul 1999 08:40:03 -0600 (MDT) X-Authentication-Warning: n04.acl.lanl.gov: rminnich owned process doing -bs Date: Mon, 26 Jul 1999 08:40:03 -0600 From: "Ronald G. Minnich" To: freebsd-hackers@FreeBSD.ORG Subject: Re: Filesystem question... In-Reply-To: <199907250237.MAA21069@gizmo.internode.com.au> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Sun, 25 Jul 1999, Mark Newton wrote: > "Appropriate access" includes the idea that you need to own the mountpoint > directory. If you have a system that's so badly run that arbitrary users > own /tmp, then I'd say user mounts are the least of your problems :-) True. But the fact is, if I can mount arbitrary filesystems into a name space seen by all processes, I can really cause some trouble. > Correct (unless you want your private stuff to be private, and chmod > your mountpoint's parent directory accordingly). People seem to be far more trusting of root than I am ... OK, I'll grant you can protect it from J. Random User. Why do people feel so willing to believe that chmod solves the world's problems? ron To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message