[ On Monday, March 29, 1999 at 18:03:12 (-0600), Brian C. Grayson wrote: ]
> Subject: Re: procfs & mount changes (was: ps /proc changes)
>
>   That would solve the problem of someone mounting /fakeproc123
> on top of /proc/123.  But is it possible for the nomount to
> prevent someone from doing:
> mount /myfakeroot / (and thus obscure /proc completely, perhaps
> 		     placing a fake one in place)

If / is owned by the attacker than you're already at the point of no
return anyway.  Why worry?  ;-)

But otherwise yes, I do like the idea of a nomount flag -- it would
work around the current procfs deficiencies rather well and might offer
simple solutions to other similar problems too -- i.e. it is elegant and
solves more than one problem at a time so must be relatively worthwhile.

-- 
							Greg A. Woods

+1 416 218-0098      VE3TCP      <gwoods@acm.org>      <robohack!woods>
Planix, Inc. <woods@planix.com>; Secrets of the Weird <woods@weird.com>