Date: Mon, 3 Apr 2006 10:46:03 +0100 (BST) From: Robert Watson <rwatson@FreeBSD.org> To: Joe Marcus Clarke <marcus@FreeBSD.org> Cc: hackers@FreeBSD.org Subject: Re: RFC: Adding a ``user'' mount option Message-ID: <20060403104309.Y76562@fledge.watson.org> In-Reply-To: <1144042356.824.16.camel@shumai.marcuscom.com> References: <1144042356.824.16.camel@shumai.marcuscom.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 3 Apr 2006, Joe Marcus Clarke wrote: > I know we have vfs.usermount, but this is not always sufficient since the > user has to own the mount point in question. What I propose is to add a > ``user'' mount option à la Linux. This would make mount and umount setuid > root, but would allow much more flexibility when it comes to removable media > and desktop systems. I would suggest that an extremely careful security audit of the userspace and kernel mount and unmount code is due -- especially things like the per-filesystem mount code (mount_nfs, etc). I'm not against the principle of this though. Also, I'm not 100% sure we should make the getuid() check return a hard error in user space. Let's continue to let the kernel code make the access control decision here. Robert N M Watson > > I'm not a src committer, so this isn't a threat to commit. I'm more > interested in getting feedback, and hopefully some src committer > interest. I think this would really benefit desktop FreeBSD. > > http://www.marcuscom.com/downloads/usermount.diff > > Joe > > -- > Joe Marcus Clarke > FreeBSD GNOME Team :: gnome@FreeBSD.org > FreeNode / #freebsd-gnome > http://www.FreeBSD.org/gnome >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060403104309.Y76562>