RFC: Adding a ``user'' mount option
Robert Watson
rwatson at FreeBSD.org
Mon Apr 3 09:46:05 UTC 2006
On Mon, 3 Apr 2006, Joe Marcus Clarke wrote:
> I know we have vfs.usermount, but this is not always sufficient since the
> user has to own the mount point in question. What I propose is to add a
> ``user'' mount option à la Linux. This would make mount and umount setuid
> root, but would allow much more flexibility when it comes to removable media
> and desktop systems.
I would suggest that an extremely careful security audit of the userspace and
kernel mount and unmount code is due -- especially things like the
per-filesystem mount code (mount_nfs, etc). I'm not against the principle of
this though.
Also, I'm not 100% sure we should make the getuid() check return a hard error
in user space. Let's continue to let the kernel code make the access control
decision here.
Robert N M Watson
>
> I'm not a src committer, so this isn't a threat to commit. I'm more
> interested in getting feedback, and hopefully some src committer
> interest. I think this would really benefit desktop FreeBSD.
>
> http://www.marcuscom.com/downloads/usermount.diff
>
> Joe
>
> --
> Joe Marcus Clarke
> FreeBSD GNOME Team :: gnome at FreeBSD.org
> FreeNode / #freebsd-gnome
> http://www.FreeBSD.org/gnome
>
More information about the freebsd-hackers
mailing list