|
|
The following reply was made to PR kern/29360; it has been noted by GNATS.
From: Elad Efrat <elad@xxxxxxxxxx>
To: Manuel Bouyer <bouyer@xxxxxxxxxxxxxxx>
Cc: gnats-bugs@xxxxxxxxxx, tech-kern@xxxxxxxxxx,
Antti Kantee <pooka@xxxxxxxxxx>
Subject: Re: kern/29360: vfs.generic.usermount and mount(8) general questions
Date: Sun, 6 Sep 2009 13:02:02 -0400
On Sun, Sep 6, 2009 at 5:20 AM, Manuel Bouyer<bouyer@xxxxxxxxxxxxxxx> wrote:
>> Does anyone see any drawbacks to this approach? If not, I'll change
>> the relevant code.
>
> Yes, that would mean a user could mount his own FS over e.g. /tmp, or
> /var/mail. that's bad.
Forgot about those world-writable-but-sticky directories. Righto. :)
> I think that checking the user owns the mount point is the right thing to do.
> I think a sysctl to control whenever to check for group ownerchip instead
> of user ownerchip would work, though. It's up to the admin to carefully
> choose a group for devices and mount points :)
I agree with Antti here about the sysctl, but I want to replace the
root check, eventually. What do you guys think about replacing the
owner/root check with a kauth action that does the same in a
bsd44-suser listener?
Thanks,
-e.
|
|