On Thu, Dec 19, 2002 at 03:27:09PM -0800, Jonathan Stone wrote:
> In message <20021220000754.A18539@vaasje.org>Frank van der Linden writes
> >On Thu, Dec 19, 2002 at 03:04:59PM -0800, Jonathan Stone wrote:
> >> Try mounting all the UFS filesystems in a FreeBSD partition sometime.
> >> (no, mbrlabel does n't find them all).  Bill's proposal makes that
> >> even harder than it is now.
> >
> >No it doesn't, Bill's proposal includes a utility that grovels the
> >disk and *finds all partitions for you of all types* and then
> >configures disk device nodes for them.
> 
> Frank, the part which says ``run a special userspace utility?''
> is a big step *backwards*.
> 
> Try inserting an MBR-labelled CF into a USB CF reader.  Or inserting
> the same CF into an IDE laptop slot, via a CF-to-PCMCIA mechanical adaptor.

Indeed, I'm quite concerned about the security implications of this.  With
the kernel implementation, userland doesn't have to be able to alter
partition tables at securelevel > 0 in order for new disks that suddenly
appear to have their partitions found.  With the proposed split
implementation, it does -- and thus all of the protection against using
mounted partitions is lost, because a userland application can simply
adjust the partition table to be able to write wherever on the disk it
cares to.