Subject: Re: Mount permissions
To: Chris G. Demetriou <>
From: David Brownlee <>
List: tech-kern
Date: 01/25/2000 01:01:31
On 24 Jan 2000, Chris G. Demetriou wrote:

> Jonathan Stone <jonathan@DSG.Stanford.EDU> writes:
> > Like the kernel enforcing non-root mounts get nodev,nosuid, and
> > whatever else a well-behaved wrapper enforces. If the "whatever else"
> > varies with local policy or taste, the wrapper seems better than
> > putting policy hooks into the kernel.
> Certianly, I know people who'd want 'noexec' to be a part of any such
> flags (though typically I would not).
> Some things do require kernel support, though: e.g. I'd like to see a
> way to do user-mountable file systems which include nodev,nosuid, but
> which the mounting user can do anything do, including create files as
> other UIDs and even make them set-id.  (It'd be Nice to be able to
> make file system images without needing root.)

	How about an extra option that could be added to entries in
	fstab that would specify a group that had permission to perform
	that mount command. You could then set whatever appropriate
	additional options on that line.