Date: Fri, 17 May 1996 11:22:26 -0700 (PDT) From: Jeffrey Hsu <hsu> To: jkh Cc: freebsd-security Subject: Re: very bad Message-ID: <199605171822.LAA07463@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
I believe mount_union is setuid root to allow non-root users to make union mounts in directories that they own. The Lite2 kernel (a current snapshot of my diffs is in ~hsu/cvs/teeny.diffs.5-16.gz) removes the restriction that only root can do mounts, so mount_union is no longer set_uid there. So, it should be sufficient to just make our mount_union non-setuid root for the following reasons: 1. Union mounts don't work anyways. 2. When they do work in Lite2, mount_union won't be setuid root. 3. If the user want to try out union mounts now, he can su and do it.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199605171822.LAA07463>