Subject: Re: usermount semantics changed... Why?
To: None <firstname.lastname@example.org>
From: Juan RP <email@example.com>
Date: 06/10/2007 17:22:24
On Sun, 10 Jun 2007 08:49:54 -0500
firstname.lastname@example.org (Peter Seebach) wrote:
> With kauth in place, there's a noticable change to the usermount
> semantics: Non-root users can only mount nodev,noexec,nosuid.
> I couldn't find any documentation explaining this, and it took a
> while to find the corresponding piece of source.
> I can certainly see reasons to want nodev and nosuid. I'm a
> bit unsure about the need for noexec, and it does make it hard
> to run some installers.
> Wouldn't it be cleaner, though, to enforce these by automatically
> setting these options for non-root mounts, rather than by giving
> EPERM? I suppose it's a quiet change, but I would probably rather
> have a quiet change that preserves the function of "I want to browse
> this CD" than a loud change which requires me to read the kauth
> source to find out what additional flags I need. :)
I don't know the reason why those were made the default for non-root,
but there's some mention about it in mount(8)... at least in -current.
Juan Romero Pardines - The NetBSD Project
http://plog.xtrarom.org - NetBSD/pkgsrc news in Spanish