Date: Mon, 3 Apr 2006 10:46:03 +0100 (BST)
From: Robert Watson
To: Joe Marcus Clarke
Cc: hackers@FreeBSD.org
Subject: Re: RFC: Adding a ``user'' mount option
Message-ID: <20060403104309.Y76562@fledge.watson.org>
In-Reply-To: <1144042356.824.16.camel@shumai.marcuscom.com>
List-Id: Technical Discussions relating to FreeBSD

On Mon, 3 Apr 2006, Joe Marcus Clarke wrote:

> I know we have vfs.usermount, but this is not always sufficient since the
> user has to own the mount point in question. What I propose is to add a
> ``user'' mount option à la Linux. This would make mount and umount setuid
> root, but would allow much more flexibility when it comes to removable media
> and desktop systems.

I would suggest that an extremely careful security audit of the userspace and
kernel mount and unmount code is due -- especially things like the
per-filesystem mount code (mount_nfs, etc). I'm not against the principle of
this though.

Also, I'm not 100% sure we should make the getuid() check return a hard error
in user space. Let's continue to let the kernel code make the access control
decision here.

Robert N M Watson

>
> I'm not a src committer, so this isn't a threat to commit. I'm more
> interested in getting feedback, and hopefully some src committer
> interest. I think this would really benefit desktop FreeBSD.
>
> http://www.marcuscom.com/downloads/usermount.diff
>
> Joe
>
> -- 
> Joe Marcus Clarke
> FreeBSD GNOME Team :: gnome@FreeBSD.org
> FreeNode / #freebsd-gnome
> http://www.FreeBSD.org/gnome