Date:      Sat, 31 Jan 2004 21:57:17 -0500 (EST)
From:      Robert Watson <rwatson@freebsd.org>
To:        Pawel Jakub Dawidek <nick@garage.freebsd.pl>
Cc:        freebsd-fs@freebsd.org
Subject:   Re: Analysis of mounts/unmounts issues.
Message-ID:  <Pine.NEB.3.96L.1040131215551.17012C-100000@fledge.watson.org>
In-Reply-To: <20040131133158.GE72053@garage.freebsd.pl>


On Sat, 31 Jan 2004, Pawel Jakub Dawidek wrote:

> Ok, I got a complete solution.
>
> While I was looking at the mksnap_ffs issue, I found that we have the MNT_USER
> flag to mark file systems mounted by unprivileged users.  This flag is
> not used currently.
> 
> Patch is here: 
> 
> 	http://garage.freebsd.pl/patches/mount.patch
> 
> The patch made use of the MNT_USER flag, so if a file system is mounted by
> an unprivileged root, it can be unmounted by him as well.  Mount(8) has
> been modified to print 'mounted by <user>' for unprivileged root also.

I like this much better, and think the fix looks generally good.  I think
leaving mount/umount disabled in jail for now, regardless of the MNT_USER
fix, is a good idea to be on the conservative side, but it might well be
worth continuing to explore usermount in jail in the future.  The risk, as
already observed, is that jail's protections rely in large part on very
careful management of the file system namespace, and mount/umount on that
namespace implies a lot of risk. 

Robert N M Watson             FreeBSD Core Team, TrustedBSD Projects
robert@fledge.watson.org      Senior Research Scientist, McAfee Research



