NetBSD-Bugs archive


Re: kern/29360: vfs.generic.usermount and mount(8) general questions



The following reply was made to PR kern/29360; it has been noted by GNATS.

From: Manuel Bouyer <bouyer%antioche.eu.org@localhost>
To: Elad Efrat <elad%NetBSD.org@localhost>
Cc: gnats-bugs%NetBSD.org@localhost, tech-kern%NetBSD.org@localhost,
        Antti Kantee <pooka%NetBSD.org@localhost>
Subject: Re: kern/29360: vfs.generic.usermount and mount(8) general questions
Date: Sun, 6 Sep 2009 20:11:59 +0200

 On Sun, Sep 06, 2009 at 01:02:02PM -0400, Elad Efrat wrote:
 > On Sun, Sep 6, 2009 at 5:20 AM, Manuel Bouyer <bouyer%antioche.eu.org@localhost> wrote:
 > 
 > >> Does anyone see any drawbacks to this approach? If not, I'll change
 > >> the relevant code.
 > >
 > > Yes, that would mean a user could mount his own FS over e.g. /tmp, or
 > > /var/mail. That's bad.
 > 
 > Forgot about those world-writable-but-sticky directories. Righto. :)
 > 
 > > I think that checking the user owns the mount point is the right thing to do.
 > > I think a sysctl to control whether to check for group ownership instead
 > > of user ownership would work, though. It's up to the admin to carefully
 > > choose a group for devices and mount points :)
 > 
 > I agree with Antti here about the sysctl, but I want to replace the
 > root check, eventually. What do you guys think about replacing the
 > owner/root check with a kauth action that does the same in a
 > bsd44-suser listener?
 
 Fine with me
 
 -- 
 Manuel Bouyer <bouyer%antioche.eu.org@localhost>
      NetBSD: 26 years of experience will always make the difference
 --
 

