From owner-freebsd-hackers Fri Jul 23 8:32:15 1999
Delivered-To: freebsd-hackers@freebsd.org
Received: from acl.lanl.gov (acl.lanl.gov [128.165.147.1]) by hub.freebsd.org (Postfix) with ESMTP id 1E72314C4A for ; Fri, 23 Jul 1999 08:32:12 -0700 (PDT) (envelope-from rminnich@acl.lanl.gov)
Received: from localhost (rminnich@localhost) by acl.lanl.gov (8.8.8/8.8.5) with ESMTP id JAA187142 for ; Fri, 23 Jul 1999 09:30:54 -0600 (MDT)
Date: Fri, 23 Jul 1999 09:30:54 -0600
From: "Ronald G. Minnich"
To: freebsd-hackers@FreeBSD.ORG
Subject: Re: Filesystem question...
In-Reply-To:
Message-ID:
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Fri, 23 Jul 1999, Kris Kennaway wrote:

> On Thu, 22 Jul 1999, Ronald G. Minnich wrote:
> > Are you saying that as an ordinary user I can mount something on top of
> > /tmp, for example?
>
> If the vfs.usermount sysctl is 1, and you have appropriate access to the
> thing you're trying to mount (block device, etc).

OK, so let's say it is 1. Let's say I have "appropriate access" to /tmp. I
mount my own fs on /tmp. I now have read/write access to everything anyone
writes to /tmp.

Or, let's say I don't have "appropriate access" to /tmp. Pick some other
place. I mount my file system there for my files. Now everyone who wants
can look for these user mounts and walk them at will. My private stuff is
quite public.

User mounts are neat. But user mounts that modify the global name space of
the machine are not neat. User mounts should be part of a private name
space.

But thanks for the note. I just now realized that if I add a private name
space to v9fs (which is easy), and then turn on user mounts, user
processes can have private name spaces on freebsd!

thanks

ron

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message
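An added example, not part of the original message: a shell audit an administrator could run where vfs.usermount is 1, listing mounts made by non-root users and flagging any that sit on or above a shared directory such as /tmp. It relies on the ", mounted by <user>" option that FreeBSD's mount(8) prints for such mounts; the SHARED_DIRS list, the function names and the sample mount lines are assumptions constructed for illustration.

```shell
#!/bin/sh
# On the host itself: sysctl -n vfs.usermount; mount | audit_user_mounts
# SHARED_DIRS is an assumed site list of directories every user writes to.
SHARED_DIRS="/tmp /var/tmp"

# Reads mount(8)-style lines on stdin and prints one line per user mount:
#   <user> <mountpoint> <finding>
audit_user_mounts() {
    awk -v shared="$SHARED_DIRS" '
    BEGIN { n = split(shared, dirs, " ") }
    {
        tag = ", mounted by "
        p = index($0, tag)
        if (p == 0) next                  # no owner shown: root mount, skip
        user = substr($0, p + length(tag))
        sub(/[,)].*$/, "", user)          # drop later options and the ")"
        a = index($0, " on "); b = index($0, " (")
        if (a == 0 || b <= a) next        # not a mount line
        mnt = substr($0, a + 4, b - a - 4)
        finding = "user-mount"
        for (i = 1; i <= n; i++) {
            d = dirs[i]
            # A mount on the shared dir, or on a parent of it, replaces what
            # every other user sees at that path in the global name space.
            if (mnt == "/" || index(d "/", mnt "/") == 1)
                finding = "covers-shared-dir:" d
        }
        print user, mnt, finding
    }'
}

# Constructed sample input in the format printed by FreeBSD mount(8).
sample_mounts() {
cat <<'EOF'
/dev/da0s1a on / (ufs, local)
/dev/da0s1e on /var (ufs, local, soft-updates)
/dev/fd0 on /tmp (msdos, local, nosuid, nodev, mounted by alice)
/dev/vn0c on /home/bob/mnt (ufs, local, nosuid, nodev, mounted by bob)
EOF
}

sample_mounts | audit_user_mounts
```

A "user-mount" finding is the second case in the message: the mount point is visible in the global name space, so the permissions on its root directory decide who else can walk it.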