Date: Fri, 31 Jan 2003 14:17:38 -0800 From: "Eugene M. Kim" <ab@astralblue.net> To: "Jacques A. Vidrine" <nectar@FreeBSD.ORG> Cc: Kirk McKusick <mckusick@beastie.mckusick.com>, Jun Kuriyama <kuriyama@imgsrc.co.jp>, Current <freebsd-current@FreeBSD.ORG>, Robert Watson <rwatson@tislabs.com> Subject: Re: dump -L and privilege Message-ID: <20030131221738.GA73402@purple.the-7.net> In-Reply-To: <20030130231501.GB75768@opus.celabo.org> References: <7miswoocye.wl@black.imgsrc.co.jp> <200301300217.h0U2HVFL015158@beastie.mckusick.com> <20030130231501.GB75768@opus.celabo.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Moreover, the fact that the number of snapshots allowed on a filesystem is limited to a handful (src/sys/ufs/ffs/README.snapshot says 20) makes it possible for normal users to disrupt dump -L and other important operations that require snapshots. Alternative 2 seems a lot more sensible. Just my 2 KRW (1 USD ~= 1250 KRW) :D, Eugene On Thu, Jan 30, 2003 at 05:15:01PM -0600, Jacques A. Vidrine wrote: > On Wed, Jan 29, 2003 at 06:17:31PM -0800, Kirk McKusick wrote: > > Alternative 1 `usermount' > > The first would be > > to change the default for vfs.usermount == 1 and then have dump -L > > create the snapshot in a directory owned by "operator" (or by > > whatever user runs the dumps). Then the snapshot could be created, > > used, and deleted by that user. > > Alternative 2 `/sbin/snapshot' > > The other alternative would be to > > create a setuid-to-root program that would take a snapshot and > > chown it to the user that does dumps. This setuid program could > > then be invoked by dump -L to create a snapshot for it. > > Despite a distaste for setuid executables, I think I'd prefer a simple > /sbin/snapshot setuid program. Primarily, enabling `vfs.usermount' > gives more privileges to more users than I'm comfortable with. > Secondarily, /sbin/snapshot may be useful on its own. > > Cheers, > -- > Jacques A. Vidrine <nectar@celabo.org> http://www.celabo.org/ > NTT/Verio SME . FreeBSD UNIX . Heimdal Kerberos > jvidrine@verio.net . nectar@FreeBSD.org . nectar@kth.se > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-current" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030131221738.GA73402>