Subject: Re: usermount semantics changed... Why?
To: None <current-users@netbsd.org>
From: Juan RP <juan@xtrarom.org>
List: current-users
Date: 06/10/2007 17:22:24

On Sun, 10 Jun 2007 08:49:54 -0500
seebs@seebs.net (Peter Seebach) wrote:
> With kauth in place, there's a noticeable change to the usermount
> semantics: Non-root users can only mount nodev,noexec,nosuid.
> I couldn't find any documentation explaining this, and it took a
> while to find the corresponding piece of source.
>
> I can certainly see reasons to want nodev and nosuid. I'm a
> bit unsure about the need for noexec, and it does make it hard
> to run some installers.
>
> Wouldn't it be cleaner, though, to enforce these by automatically
> setting these options for non-root mounts, rather than by giving
> EPERM? I suppose it's a quiet change, but I would probably rather
> have a quiet change that preserves the function of "I want to browse
> this CD" than a loud change which requires me to read the kauth
> source to find out what additional flags I need. :)

I don't know the reason why those were made the default for non-root,
but there's some mention about it in mount(8)... at least in -current.
--
Juan Romero Pardines - The NetBSD Project
http://plog.xtrarom.org - NetBSD/pkgsrc news in Spanish
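
The two behaviours discussed in this thread (refusing a non-root mount that lacks nodev,noexec,nosuid with EPERM, versus setting those options automatically), as an added C sketch that is not part of the original message and is not NetBSD's kauth code. The function names, the uid test and the flag bit values are assumptions made for illustration.

```c
#include <errno.h>
#include <stdio.h>

/* Constructed flag bits for this sketch; not taken from any kernel header. */
#define EX_NOEXEC 0x1u
#define EX_NOSUID 0x2u
#define EX_NODEV  0x4u
#define EX_RDONLY 0x8u
#define EX_USER_REQUIRED (EX_NODEV | EX_NOEXEC | EX_NOSUID)

/*
 * "Loud" policy (hypothetical helper): a non-root mount request that lacks
 * any required flag is refused with EPERM. *missing reports which flags were
 * absent, so a caller could tell the user what to add.
 */
int usermount_strict(unsigned uid, unsigned flags, unsigned *missing)
{
    *missing = (uid == 0) ? 0u : (EX_USER_REQUIRED & ~flags);
    return *missing ? EPERM : 0;
}

/*
 * "Quiet" policy (hypothetical helper): the required flags are forced on for
 * non-root callers, so the request succeeds with restricted semantics.
 */
unsigned usermount_coerce(unsigned uid, unsigned flags)
{
    return (uid == 0) ? flags : (flags | EX_USER_REQUIRED);
}

int main(void)
{
    unsigned missing;
    /* Constructed request: uid 1000 asks for a plain read-only mount. */
    int err = usermount_strict(1000, EX_RDONLY, &missing);
    printf("strict: error=%d missing=0x%x\n", err, missing);
    printf("coerce: effective flags=0x%x\n", usermount_coerce(1000, EX_RDONLY));
    return 0;
}
```

Both policies leave a non-root mount with the same effective restrictions; they differ only in whether the caller has to name the flags explicitly.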