Return to BSD News archive
Newsgroups: comp.unix.bsd.misc,comp.unix.bsd.freebsd.misc Path: euryale.cc.adfa.oz.au!newshost.carno.net.au!harbinger.cc.monash.edu.au!news.cs.su.oz.au!metro!metro!munnari.OZ.AU!news.ecn.uoknor.edu!feed1.news.erols.com!cpk-news-hub1.bbnplanet.com!news.bbnplanet.com!howland.erols.net!blackbush.xlink.net!ins.net!ruhr.de!devnull.ruhr.de!usenet From: Benedikt Stockebrand <benedikt@devnull.ruhr.de> Subject: Re: User mount possible? Content-Type: text/plain; charset=iso-8859-1 X-Newsreader: Gnus v5.3/Emacs 19.34 Sender: usenet@devnull.ruhr.de (Usenet Admin) Content-Transfer-Encoding: 8bit Organization: Yes we're organized Lines: 52 Message-ID: <87rae1dkh7.fsf@devnull.ruhr.de> References: <5nr27n$ees@vestein.arb-phys.uni-dortmund.de> <5nu2di$7o@xciv.demon.co.uk> <8767vgm5sw.fsf@devnull.ruhr.de> <5o2n4k$114@panix2.panix.com> Date: Tue, 17 Jun 1997 20:48:20 GMT Xref: euryale.cc.adfa.oz.au comp.unix.bsd.misc:3588 comp.unix.bsd.freebsd.misc:43091 tls@panix.com (Thor Lancelot Simon) writes: > In article <8767vgm5sw.fsf@devnull.ruhr.de>, > Benedikt Stockebrand <benedikt@devnull.ruhr.de> wrote: > >Yes. And once you're at that you also need things flags like > >"ignoresuid", "ignoredevs" and another bunch of these. If anyone is > >really going for this you might take a look at Linux first about these > >flags. Simply having a user mount a file system that contains a suid > >root file or an improperly protected /dev/kmem doesn't seem such a > >good idea... > > Uh, look at Linux *why*? *Because* they've had their share of problems with it. Learning from other peoples bad experiences may save yourself some. > The "nodev" and "nosuid" and "noexec" flags have > been available in Berkeley Unix for years. In fact, I believe the first time > I saw them was as a patch to the SunOS 4.0.3 kernel source. Ok, so I may have misread the man page. But anyway, there's definitely one option the (Open)BSD mount/fstab miss: Linux has a "NOUSER" flag for fstab that will disallow users to mount file systems with that option. Trying to make this work safely will open up a mighty can of worms. OpenBSD has about 7500 lines of source related to mount and mount_<whatever_fs_you_care_about>. If you really want to make those setuid-proof you've got a bit of work ahead. And for what? Anyone who really wants to allow users to mount file systems (like floppy disk) will be able to write a ten-line C wrapper to do exactly this. Well, at least anyone who has an idea about the security issues involved. Sure, it can be done. The question is: Is it worth the trouble, like actually doing the work, debugging it, dealing with subsequent security alerts and SAs using old fstabs that miss the "nouser" flag? > It's always nice to hear that Linux has invented yet another thing that > someone else thought of years before. Really. It's always nice to see people who like to consider themselves reasonable go into OS bashing mode. Really. Ben -- Ben(edikt)? Stockebrand Runaway ping.de Admin---Never Ever Trust Old Friends My name and email address are not to be added to any list used for advertising purposes. Any sender of unsolicited advertisement e-mail to this address im- plicitly agrees to pay a DM 500 fee to the recipient for proofreading services.