NetBSD-Bugs archive
Re: kern/29360: vfs.generic.usermount and mount(8) general questions
The following reply was made to PR kern/29360; it has been noted by GNATS.
From: Elad Efrat <elad%NetBSD.org@localhost>
To: Manuel Bouyer <bouyer%antioche.eu.org@localhost>
Cc: gnats-bugs%netbsd.org@localhost, tech-kern%netbsd.org@localhost,
Antti Kantee <pooka%netbsd.org@localhost>
Subject: Re: kern/29360: vfs.generic.usermount and mount(8) general questions
Date: Sun, 6 Sep 2009 13:02:02 -0400
On Sun, Sep 6, 2009 at 5:20 AM, Manuel Bouyer <bouyer%antioche.eu.org@localhost> wrote:
>> Does anyone see any drawbacks to this approach? If not, I'll change
>> the relevant code.
>
> Yes, that would mean a user could mount his own FS over e.g. /tmp, or
> /var/mail. That's bad.
Forgot about those world-writable-but-sticky directories. Righto. :)
> I think that checking the user owns the mount point is the right thing to do.
> I think a sysctl to control whether to check for group ownership instead
> of user ownership would work, though. It's up to the admin to carefully
> choose a group for devices and mount points :)
I agree with Antti here about the sysctl, but I want to replace the
root check, eventually. What do you guys think about replacing the
owner/root check with a kauth action that does the same in a
bsd44-suser listener?
Thanks,
-e.