Subject: Re: Mount permissions
To: Jonathan Stone <jonathan@DSG.Stanford.EDU>
From: Chris G. Demetriou <>
List: tech-kern
Date: 01/24/2000 08:12:23
Jonathan Stone <jonathan@DSG.Stanford.EDU> writes:
> Like the kernel enforcing non-root mounts get nodev,nosuid, and
> whatever else a well-behaved wrapper enforces. If the "whatever else"
> varies with local policy or taste, the wrapper seems better than
> putting policy hooks into the kernel.

Certianly, I know people who'd want 'noexec' to be a part of any such
flags (though typically I would not).

Some things do require kernel support, though: e.g. I'd like to see a
way to do user-mountable file systems which include nodev,nosuid, but
which the mounting user can do anything do, including create files as
other UIDs and even make them set-id.  (It'd be Nice to be able to
make file system images without needing root.)

Chris Demetriou - -
Disclaimer: Not speaking for NetBSD, just expressing my own opinion.