Date: Tue, 04 Apr 2006 02:51:33 -0400
From: Joe Marcus Clarke <marcus@FreeBSD.org>
To: Robert Watson <rwatson@FreeBSD.org>
Cc: hackers@FreeBSD.org
Subject: Re: RFC: Adding a ``user'' mount option
Message-ID: <1144133493.9725.36.camel@shumai.marcuscom.com>
In-Reply-To: <20060403232730.E76562@fledge.watson.org>
References: <1144042356.824.16.camel@shumai.marcuscom.com> <20060403104309.Y76562@fledge.watson.org> <44316CAB.2040706@FreeBSD.org> <20060403232730.E76562@fledge.watson.org>

On Mon, 2006-04-03 at 23:30 +0100, Robert Watson wrote:
> On Mon, 3 Apr 2006, Joe Marcus Clarke wrote:
>
> >> I would suggest that an extremely careful security audit of the userspace
> >> and kernel mount and unmount code is due -- especially things like the
> >> per-filesystem mount code (mount_nfs, etc). I'm not against the principle
> >> of this though.
> >
> > Agreed. I was hoping to make this solution secure, flexible, and easy to
> > use.
>
> Sure. And if you don't commit bug fixes to mount, we'll know you haven't
> tried looking very hard, because it seems very likely to me it has problems
> :-).
>
> >> Also, I'm not 100% sure we should make the getuid() check return a hard
> >> error in user space. Let's continue to let the kernel code make the access
> >> control decision here.
> >
> > I did the check in user space so that I could read the fstab file, and know
> > that the volume was allowed to be user-[un]mounted. I suppose, though, that
> > I could set the flags in user space, then pass that to the kernel for the
> > actual access control decision as you say.
>
> I'm not entirely clear on what ideal is, but one possibility is to allow the
> user mount bit to determine whether the mount system call is invoked with
> privilege.

Thanks for the feedback. I'll try and release an updated diff this
weekend that incorporates your suggestions, and I'll attempt the
wildcard suggestion made by silby.

Joe

>
> Robert N M Watson
>
--
Joe Marcus Clarke
FreeBSD GNOME Team :: gnome@FreeBSD.org
FreeNode / #freebsd-gnome
http://www.FreeBSD.org/gnome
