From owner-freebsd-current  Sat Apr 21 16:52:20 2001
Delivered-To: freebsd-current@freebsd.org
Received: from mr200.netcologne.de (mr200.netcologne.de [194.8.194.109])
	by hub.freebsd.org (Postfix) with ESMTP id 8E65F37B422
	for <freebsd-current@FreeBSD.ORG>; Sat, 21 Apr 2001 16:52:17 -0700 (PDT)
	(envelope-from pherman@frenchfries.net)
Received: from husten.security.at12.de (dial-213-168-88-8.netcologne.de [213.168.88.8])
	by mr200.netcologne.de (Mirapoint)
	with ESMTP id AEC78927;
	Sun, 22 Apr 2001 01:52:14 +0200 (CEST)
Date: Sun, 22 Apr 2001 01:51:32 +0200 (CEST)
From: Paul Herman <pherman@frenchfries.net>
To: Bruce Evans <bde@zeta.org.au>
Cc: <freebsd-current@FreeBSD.ORG>
Subject: Changing "df [device]" behaviour (Re: /bin/df set-gid operator)
In-Reply-To: <Pine.BSF.4.21.0104220454040.4243-100000@besplex.bde.org>
Message-ID: <Pine.BSF.4.33.0104220113470.88695-100000@husten.security.at12.de>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-current@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Sun, 22 Apr 2001, Bruce Evans wrote:

> In FreeBSD, mount privilege is controlled by the vfs.usermount
> sysctl (default: off), so df must still be setgid operator to work
> on devices.
>
> The mount() method is better because can work on work on all types
> of filesystems that the kernel understands, while ufs_df() only
> works for ufs.
>
> [patch]

Although I like the idea of being able to df unmounted, non-ufs
filesystems, I think the tradeoff might be too harsh.

Non-root users aren't allowed to mount(2) at all if vfs.usermount=0,
operator or no operator -- that is, in this case, df would fail for
non-root users.

-Paul.



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message