From owner-freebsd-bugs  Wed Jan 28 07:50:51 1998
Return-Path: <owner-freebsd-bugs@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id HAA17641
          for freebsd-bugs-outgoing; Wed, 28 Jan 1998 07:50:51 -0800 (PST)
          (envelope-from owner-freebsd-bugs@FreeBSD.ORG)
Received: from godzilla.zeta.org.au (godzilla.zeta.org.au [203.2.228.19])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id HAA17608
          for <freebsd-bugs@hub.freebsd.org>; Wed, 28 Jan 1998 07:50:43 -0800 (PST)
          (envelope-from bde@godzilla.zeta.org.au)
Received: (from bde@localhost)
	by godzilla.zeta.org.au (8.8.7/8.8.7) id CAA11625;
	Thu, 29 Jan 1998 02:46:08 +1100
Date: Thu, 29 Jan 1998 02:46:08 +1100
From: Bruce Evans <bde@zeta.org.au>
Message-Id: <199801281546.CAA11625@godzilla.zeta.org.au>
To: bde@zeta.org.au, kato@migmatite.eps.nagoya-u.ac.jp
Subject: Re: bin/5575: mount_msdos won't run setuid-root
Cc: freebsd-bugs@hub.freebsd.org
Sender: owner-freebsd-bugs@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

>>  3) The vfs.usermount sysctl.  Since access control is mostly broken,
>>     vfs.usermount defaults to 1 so that access control almost reverts
>>     to the pre-Lite2 model.
>
>The vfs.usermount sysctl can be, of course, changed from userland.
>So, new rc.conf argument like:
>
>	enable_usermount
>
>and proper code in /etc/rc are usefull.
>
>How about this?

No, vfs.usermount should go away as soon as the access control is fixed.

Do you think access control is required for union mounts, etc.?  I
guess it is until unionfs, etc. are robust.

Bruce