Subject: Re: normal user can bypass mount 'noexec' flags
To: Manuel Bouyer <firstname.lastname@example.org>
From: Jason Thorpe <email@example.com>
Date: 03/11/1999 11:19:09
On Thu, 11 Mar 1999 17:12:55 +0100
Manuel Bouyer <firstname.lastname@example.org> wrote:
> 2- user mounts inherit the noexec flag from the target directory's partition.
> The mount has to be done on a directory owned by this user, which means
> he can write to this partition. If he can execute a file copied to this
> partition as well, they're no security compromise by allowing it to
> execute a binary on the partition he mounted (unless I missed something).
> 1- will work, for sure. I think 2 should work too, and it is what I will
> try to implement.
> Does someone see if I missed something ?
See my response the the PR (on tech-kern). It should not be limited to
"users". Stacked mounts (nullfs, and the dmfs that Bill Studenmund is
working on) should inherit all appropriate mount flags from the bottom
layer -- dynamically. I.e. if I do a MNT_UPDATE on the bottom layer, the
top (stacked) layer should have its flags updated to match.
-- Jason R. Thorpe <email@example.com>