RFC: Adding a ``user'' mount option

Colin Percival cperciva at freebsd.org
Mon Apr 3 06:04:25 UTC 2006


Joe Marcus Clarke wrote:
> I know we have vfs.usermount, but this is not always sufficient since
> the user has to own the mount point in question.  What I propose is to
> add a ``user'' mount option à la Linux.  This would make mount and
> umount setuid root, but would allow much more flexibility when it comes
> to removable media and desktop systems.

If I understand the patch correctly, you're proposing that some filesystems
be marked as "this can be mounted or unmounted by non-root users".  If this
is correct, it seems to me that a more appropriate solution is to add an
/etc/usermount.conf file and a new setuid utility usermount(8) which would
look at the invoking user and the filesystem requested and either pass the
request to mount(8) or reject it.

Generally speaking it's much better to add a new setuid program which does
exactly what you need, rather than making an existing and possibly insecure
program setuid.

Colin Percival
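
The decision step of the usermount(8) helper proposed above, as an added example that is not code from this thread or from FreeBSD. The message does not specify a format for /etc/usermount.conf, so the three-field line format (user, device, mount point), the function names and the sample entries are all assumptions.

```c
#include <stdio.h>
#include <string.h>

/* Constructed sample policy; the format (user device mountpoint) is assumed. */
static const char SAMPLE_CONF[] =
    "# user   device      mountpoint\n"
    "alice    /dev/cd0    /cdrom\n"
    "bob      /dev/da0s1  /media/usb\n";

/* Accept only absolute paths with no ".." component; nothing is normalised. */
static int path_ok(const char *p)
{
    if (p == NULL || p[0] != '/')
        return 0;
    for (const char *s = p; (s = strstr(s, "..")) != NULL; s += 2)
        if (s[-1] == '/' && (s[2] == '/' || s[2] == '\0'))
            return 0;
    return 1;
}

/* Return 1 only when one rule names this user, device and mount point exactly.
 * No rule, a malformed or overlong line, or an odd path all mean rejection. */
static int usermount_allowed(const char *conf, const char *user,
                             const char *dev, const char *mnt)
{
    char line[256], u[64], d[96], m[96], extra[2];
    if (user == NULL || !path_ok(dev) || !path_ok(mnt))
        return 0;
    while (*conf != '\0') {
        size_t n = strcspn(conf, "\n");
        if (n < sizeof(line)) {
            memcpy(line, conf, n);
            line[n] = '\0';
            /* A rule has exactly three fields; a fourth token disqualifies it. */
            if (sscanf(line, "%63s %95s %95s %1s", u, d, m, extra) == 3 &&
                u[0] != '#' && strcmp(u, user) == 0 &&
                strcmp(d, dev) == 0 && strcmp(m, mnt) == 0)
                return 1;
        }
        conf += n + (conf[n] == '\n');
    }
    return 0;
}

int main(void)
{
    /* A real setuid tool would take the user from getuid(), never argv or env. */
    puts(usermount_allowed(SAMPLE_CONF, "alice", "/dev/cd0", "/cdrom") ? "pass" : "reject");
    return 0;
}
```

Only requests that return 1 would be handed on to mount(8); everything else is refused before any privileged code path is reached.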


