From owner-freebsd-hackers Mon Jul 26 7:44:50 1999 Delivered-To: freebsd-hackers@freebsd.org Received: from acl.lanl.gov (acl.lanl.gov [128.165.147.1]) by hub.freebsd.org (Postfix) with ESMTP id B89BF14F4D for ; Mon, 26 Jul 1999 07:44:46 -0700 (PDT) (envelope-from rminnich@acl.lanl.gov) Received: from n04.acl.lanl.gov (rminnich@n04.acl.lanl.gov [128.165.147.201]) by acl.lanl.gov (8.8.8/8.8.5) with ESMTP id IAA259765 for ; Mon, 26 Jul 1999 08:44:15 -0600 (MDT) Received: from localhost (rminnich@localhost) by n04.acl.lanl.gov (8.8.8/8.8.8) with ESMTP id IAA226506 for ; Mon, 26 Jul 1999 08:44:14 -0600 (MDT) X-Authentication-Warning: n04.acl.lanl.gov: rminnich owned process doing -bs Date: Mon, 26 Jul 1999 08:44:14 -0600 From: "Ronald G. Minnich" To: freebsd-hackers@FreeBSD.org Subject: Re: Filesystem question... In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Sun, 25 Jul 1999, Brian F. Feldman wrote: > On Sun, 25 Jul 1999, Mark Newton wrote: > > > Ronald G. Minnich wrote: > > > But thanks for the note. I just now realized that if I add a private name > > > space to v9fs (which is easy), and then turn on user mounts, user > > > processes can have private name spaces on freebsd! > > I can't wait to see the security problems that causes when setuid executables > > assume that they only need to be worrying about one filesystem namespace. > > :-) > There shouldn't be any problems if mount enabled the flags for nosuid/nodev > etc. if suser(p) != 0. Actually, i'd expect far fewer problems for the private mounts than for user mounts which modify the name space for all processes ... ron To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message