From owner-freebsd-current Mon May 20 14:59:04 1996 Return-Path: owner-current Received: (from root@localhost) by freefall.freebsd.org (8.7.3/8.7.3) id OAA21705 for current-outgoing; Mon, 20 May 1996 14:59:04 -0700 (PDT) Received: from phaeton.artisoft.com (phaeton.Artisoft.COM [198.17.250.211]) by freefall.freebsd.org (8.7.3/8.7.3) with SMTP id OAA21698 for ; Mon, 20 May 1996 14:59:01 -0700 (PDT) Received: (from terry@localhost) by phaeton.artisoft.com (8.6.11/8.6.9) id OAA28636; Mon, 20 May 1996 14:54:30 -0700 From: Terry Lambert Message-Id: <199605202154.OAA28636@phaeton.artisoft.com> Subject: Re: unionfs To: bde@zeta.org.au (Bruce Evans) Date: Mon, 20 May 1996 14:54:30 -0700 (MST) Cc: bde@zeta.org.au, wollman@lcs.mit.edu, freebsd-current@freebsd.org In-Reply-To: <199605201527.BAA26678@godzilla.zeta.org.au> from "Bruce Evans" at May 21, 96 01:27:21 am X-Mailer: ELM [version 2.4 PL24] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-current@freebsd.org X-Loop: FreeBSD.org Precedence: bulk > >I think that this may be another service which doesn't want to be > >available as an LKM. (IPFW is another, but for rather different > >reasons.) When the new code is integrated, mount_union will not be > >able to modload the unionfs module unless it is run by root, which > >rather defeats the purpose of allowing ordinary users to mount > >unionfs:es in the first place. > > It should be possible for anyone to ask a trusted server to load > trusted LKMs. However, LKMs can't be loaded if securelevel > 0, > so it is best not to depend on loading them on demand. Kernel-based demand loading will (potentially) kill this. I don't understand the need to allow ordinary users to do mounts; FS hierarchy geometry is pretty system-critical, IMO. Terry Lambert terry@lambert.org --- Any opinions in this posting are my own and not those of my present or previous employers.