Ronald G. Minnich wrote: > On Fri, 23 Jul 1999, Kris Kennaway wrote: > > On Thu, 22 Jul 1999, Ronald G. Minnich wrote: > > > Are you saying that as an ordinary user I can mount something on top of > > > /tmp, for example? > > If the vfs.usermount sysctl is 1, and you have appropriate access to the > > thing you're trying to mount (block device, etc). > > OK, so let's say it is 1. Let's say I have "appropriate access" to /tmp. I > mount my own fs on /tmp. I now have read/write access to everything anyone > writes to /tmp. "Appropriate access" includes the idea that you need to own the mountpoint directory. If you have a system that's so badly run that arbitrary users own /tmp, then I'd say user mounts are the least of your problems :-)
> Or, let's say I don't have "appropriate access" to /tmp. Pick some other > place. I mount my file system there for my files. Now everyone who wants > can look for these user mounts and walk them at will. My private stuff is > quite public. Correct (unless you want your private stuff to be private, and chmod your mountpoint's parent directory accordingly). > But thanks for the note. I just now realized that if I add a private name > space to v9fs (which is easy), and then turn on user mounts, user > processes can have private name spaces on freebsd! I can't wait to see the security problems that causes when setuid executables assume that they only need to be worrying about one filesystem namespace. :-) - mark ---- Mark Newton Email: new...@internode.com.au (W) Network Engineer Email: new...@atdot.dotat.org (H) Internode Systems Pty Ltd Desk: +61-8-82232999 "Network Man" - Anagram of "Mark Newton" Mobile: +61-416-202-223 To Unsubscribe: send mail to majord...@freebsd.org with "unsubscribe freebsd-hackers" in the body of the message
