From owner-freebsd-security@FreeBSD.ORG  Mon Nov 21 12:39:08 2005
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
X-Original-To: freebsd-security@freebsd.org
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id EB07316A41F;
	Mon, 21 Nov 2005 12:39:08 +0000 (GMT) (envelope-from avg@icyb.net.ua)
Received: from citadel.icyb.net.ua (citadel.icyb.net.ua [212.40.38.140])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 9FC5D43D77;
	Mon, 21 Nov 2005 12:39:04 +0000 (GMT) (envelope-from avg@icyb.net.ua)
Received: from [212.40.38.87] (oddity-e.topspin.kiev.ua [212.40.38.87])
	by citadel.icyb.net.ua (8.8.8p3/ICyb-2.3exp) with ESMTP id OAA03665;
	Mon, 21 Nov 2005 14:38:58 +0200 (EET) (envelope-from avg@icyb.net.ua)
Message-ID: <4381BFE2.80106@icyb.net.ua>
Date: Mon, 21 Nov 2005 14:38:58 +0200
From: Andriy Gapon <avg@icyb.net.ua>
User-Agent: Mozilla Thunderbird 1.0.7 (X11/20051016)
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: freebsd-security@freebsd.org, freebsd-fs@freebsd.org
Content-Type: text/plain; charset=KOI8-U
Content-Transfer-Encoding: 7bit
X-Mailman-Approved-At: Mon, 21 Nov 2005 12:55:20 +0000
Cc: 
Subject: mount -u -r drops nosuid ?
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Security issues \[members-only posting\]"
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 21 Nov 2005 12:39:09 -0000


Not sure if this is a bug or a feature, but it seems like potential
security risk: I have a ufs fs mounted rw+nosuid, then I needed to
downgrade it to ro, so I executed mount -u -r on it - imagine my surpise
when I found that nosuid flag was removed as well. I know I could have
used mount -u -r -o nosuid, but the present behavior seems to be
non-obvious (update one flag, orthogonal flags dropped as well) and
dangerously so.

System is 5.4-RELEASE-p3 i386

-- 
Andriy Gapon