Subject: union filesystem problems
To: None <current-users@netbsd.org>
From: Rick Byers <rickb@iaw.on.ca>
List: current-users
Date: 05/11/1999 11:02:27
Hi,
first (before I complain), let me congratulate everyone on a job
well-done with 1.4 - looks very promising (especially wscons and the
scheduler fixes).

However, there are obviously still some pretty serious problems in the
union file system.  There is the problem reported by Bernd Sieker
(repeated mount_union of the same directory), and there is the kern/3645
PR that I opened two years ago (the mount_union command will no longer
allow you to mount the same directory on itself, but the kernel still
will).  The result of both problems is that any unprivileged user can
panic a default NetBSD-1.4 installation.

I know it's pretty late in the schedule, but I think something should be
done about this before 1.4 is released.  The simplest answer is to take
the union filesystem out of the generic kernel, and add a comment saying
"add this at your own risk - buggy".  Most inexperienced users will
leave things like the union (and null and umap) filesystems in their
kernels, because they aren't aware of the known problems.  This exact
problem caused me a lot of headache 2 years ago when the machines at an
ISP I worked for were being intentionally crashed (and I was inexperienced
in these things).

I know we're in the "critical changes only" stage of the 1.4 release, but
IMHO, an unprivileged reproducible panic is second in pretty critical.
At this late stage, I would suggest AT THE ABSOLUTE LEAST - adding a
comment in the GENERIC kernel config file saying that the union fs is
dangerous.

What does everyone else think?