tech-kern archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: 5.0/i386 regressions

On Mon, Jan 26, 2009 at 08:57:21PM +0000, Dennis den Brok wrote:
> Adam Hamsik <> schrieb:
> > How does your /etc/fstab looks like, especially lines with user
> > mountable devices ? I think that you have to provide nosuid,
> > nodev if you want to mount disk as non-root user. You can read
> > about it in mount(8).
> Yes, you're right, specifying nosuid,nodev restores the ability to
> mount for arbitrary users. However, it seems this was done auto-
> matically in 4.0; why is this gone? Perhaps this should (more pro-
> minently) be documented.

The reason it's gone is that we modified the interface used to determine 
if users can perform specific actions. Now, we just ask "can user X do 
this mount?". In the past, the same code was able to change the mount 
flags (to add nosuid,nodev). But with the new interface and our desire to 
limit what the access routines can do, they now can only say "yes" or 
"no." Because otherwise, the validation code could effectively say, "Yes, 
and while we're at it, let's get rid of nosuid and nodev".

Take care,


Attachment: pgpBWl3w8RaHn.pgp
Description: PGP signature

Home | Main Index | Thread Index | Old Index