Date: Mon, 23 Jun 2003 19:03:48 +0200
From: Socketd
To: Robert Watson, hackers@freebsd.org
Subject: Re: Mounting
Message-Id: <20030623190348.34057f53.db@traceroute.dk>
References: <20030623155627.5d0a0ad3.db@traceroute.dk>
List-Id: Technical Discussions relating to FreeBSD

On Mon, 23 Jun 2003 11:45:37 -0400 (EDT)
Robert Watson wrote:

> > /var/mail noexec
>
> nosuid would be fine here also.

And noexec too I guess?

> nodev prevents opening specfs character devices, but doesn't prevent
> opening fifos or UNIX domain sockets, so is generally fine for all
> file systems except /dev. The common exceptions I bump into are:
>
> (1) If you have per-user chroots, make sure wherever their custom /dev
>     is isn't nodev.
>
> (2) The linux port used to (may still) install with a null device
>     under /usr in the compat tree. Mounting this with nodev will break
>     opening /dev/null for Linux apps. I'm not sure why the null entry
>     exists there, and in fact we know it needs to go away since it
>     will break when we GC major device numbers.

Ah ok, again thank you for your help :-D

br
socketd
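
The nodev exceptions discussed in this message can be checked against an fstab before mount options are changed. The following is an added example, not part of the original thread: a POSIX sh function that classifies each fstab entry, given directories known to hold device nodes. The fstab contents and the paths /usr/compat/linux/dev and /home/chroot/alice/dev are constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the thread): classify fstab entries for nodev.
# Usage: nodev_audit FSTAB [DEVDIR...]
# DEVDIR: directory known to hold device nodes; /dev is always included.
# Output "<status> <mountpoint>": KEEP/CONFLICT = holds device nodes
# (without/with nodev), ADD/OK = no device nodes (without/with nodev).
nodev_audit() {
    fstab=$1; shift
    printf '%s\n' /dev "$@" | awk '
        # Is path p at or below mount point m?
        function under(p, m) { return m == "/" || p == m || index(p, m "/") == 1 }
        NR == FNR { if ($0 != "") dev[++nd] = $0; next }   # stdin: device dirs
        /^[ \t]*#/ || NF < 4 || $2 == "none" { next }      # comments, swap
        { mp[++nm] = $2; opts[nm] = "," $4 "," }            # fstab entries
        END {
            # Each device dir belongs to the longest matching mount point.
            for (i = 1; i <= nd; i++) {
                best = 0
                for (j = 1; j <= nm; j++)
                    if (under(dev[i], mp[j]) && (!best || length(mp[j]) > length(mp[best])))
                        best = j
                if (best) holds[best] = 1
            }
            for (j = 1; j <= nm; j++) {
                nodev = (index(opts[j], ",nodev,") > 0)
                if (j in holds) s = nodev ? "CONFLICT" : "KEEP"
                else            s = nodev ? "OK" : "ADD"
                print s, mp[j]
            }
        }' - "$fstab"
}

# Constructed sample fstab (FreeBSD 4.x style, /dev lives on the root fs).
sample_fstab() {
    cat <<'EOF'
# Device     Mountpoint  FStype  Options                 Dump Pass
/dev/ad0s1b  none        swap    sw                      0 0
/dev/ad0s1a  /           ufs     rw                      1 1
/dev/ad0s1e  /var        ufs     rw,nosuid               2 2
/dev/ad0s1f  /var/mail   ufs     rw,noexec,nosuid        2 2
/dev/ad0s1g  /usr        ufs     rw,nodev                2 2
/dev/ad0s1h  /home       ufs     rw,nodev,nosuid         2 2
/dev/ad0s1d  /tmp        ufs     rw,nodev,nosuid,noexec  2 2
EOF
}

# Demo with constructed device directories (Linux compat tree, chroot /dev).
t=$(mktemp) && sample_fstab > "$t" && nodev_audit "$t" /usr/compat/linux/dev /home/chroot/alice/dev; rm -f "$t"
```

A CONFLICT line marks a filesystem where nodev would stop the listed device nodes from opening; ADD marks one where the option can be added.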