Date: Mon, 03 Apr 2006 14:42:51 -0400 From: Joe Marcus Clarke <marcus@FreeBSD.org> To: Robert Watson <rwatson@FreeBSD.org> Cc: hackers@FreeBSD.org Subject: Re: RFC: Adding a ``user'' mount option Message-ID: <44316CAB.2040706@FreeBSD.org> In-Reply-To: <20060403104309.Y76562@fledge.watson.org> References: <1144042356.824.16.camel@shumai.marcuscom.com> <20060403104309.Y76562@fledge.watson.org>
next in thread | previous in thread | raw e-mail | index | archive | help
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Robert Watson wrote: > On Mon, 3 Apr 2006, Joe Marcus Clarke wrote: > >> I know we have vfs.usermount, but this is not always sufficient since >> the user has to own the mount point in question. What I propose is to >> add a ``user'' mount option à la Linux. This would make mount and >> umount setuid root, but would allow much more flexibility when it >> comes to removable media and desktop systems. > > I would suggest that an extremely careful security audit of the > userspace and kernel mount and unmount code is due -- especially things > like the per-filesystem mount code (mount_nfs, etc). I'm not against > the principle of this though. Agreed. I was hoping to make this solution secure, flexible, and easy to use. > > Also, I'm not 100% sure we should make the getuid() check return a hard > error in user space. Let's continue to let the kernel code make the > access control decision here. I did the check in user space so that I could read the fstab file, and know that the volume was allowed to be user-[un]mounted. I suppose, though, that I could set the flags in user space, then pass that to the kernel for the actual access control decision as you say. Joe > > Robert N M Watson > >> >> I'm not a src committer, so this isn't a threat to commit. I'm more >> interested in getting feedback, and hopefully some src committer >> interest. I think this would really benefit desktop FreeBSD. >> >> http://www.marcuscom.com/downloads/usermount.diff >> >> Joe >> >> -- >> Joe Marcus Clarke >> FreeBSD GNOME Team :: gnome@FreeBSD.org >> FreeNode / #freebsd-gnome >> http://www.FreeBSD.org/gnome >> - -- Joe Marcus Clarke FreeBSD GNOME Team :: gnome@FreeBSD.org FreeNode / #freebsd-gnome http://www.FreeBSD.org/gnome -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFEMWyrb2iPiv4Uz4cRAoEsAJ9FIdAHhxxD37KCw0ma8vs5OUySigCeJbjg UYa4Bjjb9l1F46XGHulZTAI= =qlHM -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?44316CAB.2040706>