Return to BSD News archive
Newsgroups: comp.unix.bsd.misc,comp.unix.bsd.freebsd.misc
Path: euryale.cc.adfa.oz.au!newshost.carno.net.au!harbinger.cc.monash.edu.au!news.cs.su.oz.au!metro!metro!munnari.OZ.AU!news.ecn.uoknor.edu!feed1.news.erols.com!cpk-news-hub1.bbnplanet.com!news.bbnplanet.com!howland.erols.net!blackbush.xlink.net!ins.net!ruhr.de!devnull.ruhr.de!usenet
From: Benedikt Stockebrand <benedikt@devnull.ruhr.de>
Subject: Re: User mount possible?
Content-Type: text/plain; charset=iso-8859-1
X-Newsreader: Gnus v5.3/Emacs 19.34
Sender: usenet@devnull.ruhr.de (Usenet Admin)
Content-Transfer-Encoding: 8bit
Organization: Yes we're organized
Lines: 52
Message-ID: <87rae1dkh7.fsf@devnull.ruhr.de>
References: <5nr27n$ees@vestein.arb-phys.uni-dortmund.de>
<5nu2di$7o@xciv.demon.co.uk> <8767vgm5sw.fsf@devnull.ruhr.de>
<5o2n4k$114@panix2.panix.com>
Date: Tue, 17 Jun 1997 20:48:20 GMT
Xref: euryale.cc.adfa.oz.au comp.unix.bsd.misc:3588 comp.unix.bsd.freebsd.misc:43091
tls@panix.com (Thor Lancelot Simon) writes:
> In article <8767vgm5sw.fsf@devnull.ruhr.de>,
> Benedikt Stockebrand <benedikt@devnull.ruhr.de> wrote:
> >Yes. And once you're at that you also need things flags like
> >"ignoresuid", "ignoredevs" and another bunch of these. If anyone is
> >really going for this you might take a look at Linux first about these
> >flags. Simply having a user mount a file system that contains a suid
> >root file or an improperly protected /dev/kmem doesn't seem such a
> >good idea...
>
> Uh, look at Linux *why*?
*Because* they've had their share of problems with it. Learning from
other peoples bad experiences may save yourself some.
> The "nodev" and "nosuid" and "noexec" flags have
> been available in Berkeley Unix for years. In fact, I believe the first time
> I saw them was as a patch to the SunOS 4.0.3 kernel source.
Ok, so I may have misread the man page. But anyway, there's
definitely one option the (Open)BSD mount/fstab miss: Linux has a
"NOUSER" flag for fstab that will disallow users to mount file systems
with that option. Trying to make this work safely will open up a
mighty can of worms.
OpenBSD has about 7500 lines of source related to mount and
mount_<whatever_fs_you_care_about>. If you really want to make those
setuid-proof you've got a bit of work ahead. And for what? Anyone
who really wants to allow users to mount file systems (like floppy
disk) will be able to write a ten-line C wrapper to do exactly this.
Well, at least anyone who has an idea about the security issues
involved.
Sure, it can be done. The question is: Is it worth the trouble, like
actually doing the work, debugging it, dealing with subsequent
security alerts and SAs using old fstabs that miss the "nouser" flag?
> It's always nice to hear that Linux has invented yet another thing that
> someone else thought of years before. Really.
It's always nice to see people who like to consider themselves
reasonable go into OS bashing mode. Really.
Ben
--
Ben(edikt)? Stockebrand Runaway ping.de Admin---Never Ever Trust Old Friends
My name and email address are not to be added to any list used for advertising
purposes. Any sender of unsolicited advertisement e-mail to this address im-
plicitly agrees to pay a DM 500 fee to the recipient for proofreading services.