Subject: Re: kern/7129: normal user can bypass mount 'noexec' flags
To: Bill Studenmund <wrstuden@nas.nasa.gov>
From: Thor Lancelot Simon <tls@rek.tjls.com>
List: tech-security
Date: 03/11/1999 18:50:44

On Thu, Mar 11, 1999 at 03:11:59PM -0800, Bill Studenmund wrote:
> On Thu, 11 Mar 1999, Jason Thorpe wrote:
> 
> > On Thu, 11 Mar 1999 20:47:19 +0100 
> >  Manuel Bouyer <bouyer@antioche.lip6.fr> wrote:
> > 
> >  > And they will be back if a MNT_UPDATE is done on the lower FS.
> >  > We need a way to track flags that have been deleted by an update.
> > 
> > You could have the top layer look at the bottom layer's mount flags
> > when a vfs or vn op happens...
> 
> I think that's a bad idea. Checking each op will be expensive, given that
> flag changes are rare. Also, there's the problem that I think the idea of
> a root nullfs mount which has fewer restrictions than the layer on which
> it's loaded is reasonable (If root wants to hang him/herself, ok :-)

I do not.

Limiting how much damage root can do is *precisely the purpose* of some of
the mount flags we're talking about, at least the way I see it.

Thor