Subject: Re: NetBSD Security Advisory 2000-001
To: Manuel Bouyer <bouyer@antioche.lip6.fr>
From: Chris G. Demetriou <cgd@netbsd.org>
List: tech-security
Date: 02/15/2000 17:55:35
To: Manuel Bouyer <bouyer@antioche.lip6.fr>
Cc: Chris Jones <chris@cjones.org>, tech-security@netbsd.org
Subject: Re: NetBSD Security Advisory 2000-001
References: <14505.23693.773699.404104@passion.geek.com.au> <x6zot2w3h2.fsf@reddwarf.rightnowtech.com> <20000215230900.A6739@antioche.lip6.fr> <x6itzqw0di.fsf@reddwarf.rightnowtech.com> <20000215235049.A6841@antioche.lip6.fr>
From: cgd@netbsd.org (Chris G. Demetriou)
Date: 15 Feb 2000 17:55:35 -0800
In-Reply-To: Manuel Bouyer's message of Tue, 15 Feb 2000 23:50:49 +0100
Message-ID: <87hff9gbc8.fsf@redmail.netbsd.org>
Lines: 33

Manuel Bouyer <bouyer@antioche.lip6.fr> writes:
> > > > What about user mounts of procfs filesystems?
> > > 
> > > Are regular users really allowed to mount procfs ???
> > 
> > Yes.  At least, I just did so on my 1.4R i386.
> 
> Well, I don't feel really comfortable with this ... I'd prefer to have it
> restricted to root.

OK, what technical grounds are there for this?

Assuming the code works properly (and does permissions checks, etc.,
properly) what harm is there in letting users mount copies, or,
perhaps more correctly stated, not _preventing_ users from mounting
copies?

If the code doesn't work properly and is not safe, well:

	(1) it's not safe,
	(2) we shouldn't be encouraging people to have it in their
	    kernels, or shipping it in kernels ourselves, and
	(3) if we ship it by default in any kernels that we provide,
	    we have to take responsibility for that fact and act
	    appropriately if there are problems.

Personally, I'm very strongly in the (2) camp.  8-)


cgd
-- 
Chris Demetriou - cgd@netbsd.org - http://www.netbsd.org/People/Pages/cgd.html
Disclaimer: Not speaking for NetBSD, just expressing my own opinion.