Analysis of mounts/unmounts issues.

Robert Watson rwatson at freebsd.org
Sat Jan 31 18:59:47 PST 2004


On Sat, 31 Jan 2004, Pawel Jakub Dawidek wrote:

> Ok, I got a complete solution.
> 
> While I was looking at the mksnap_ffs issue, I found that we have the
> MNT_USER flag to mark file systems mounted by unprivileged users.  This
> flag is not used currently.
> 
> Patch is here: 
> 
> 	http://garage.freebsd.pl/patches/mount.patch
> 
> The patch made use of the MNT_USER flag, so if a file system is mounted
> by an unprivileged root, it can be unmounted by him as well.  Mount(8) has
> been modified to print 'mounted by <user>' for unprivileged root also.

I like this much better, and think the fix looks generally good.  I think
leaving mount/umount disabled in jail for now, regardless of the MNT_USER
fix, is a good idea to be on the conservative side, but it might well be
worth continuing to explore usermount in jail in the future.  The risk, as
already observed, is that jail's protections rely in large part on very
careful management of the file system namespace, and mount/umount on that
namespace implies a lot of risk. 

Robert N M Watson             FreeBSD Core Team, TrustedBSD Projects
robert at fledge.watson.org      Senior Research Scientist, McAfee Research



