Re: fmount system call

Theodore Y. Ts'o (tytso@MIT.EDU)
Wed, 23 Jul 1997 18:06:17 -0400


Date: Wed, 23 Jul 1997 18:18:18 +0200
From: "Volker.Lendecke" <lendecke@math.uni-goettingen.de>

During the smbfs-rewrite I remembered the security problem in smbmount
and ncpmount. Both programs are designed to let the user mount remote
file systems of his own. This is necessary because the remote file
systems are per-user password protected. To do this, they check
whether the user has write permissions on the mount point and then
mount the file. Playing with links between the check and the real
mount creates quite well-known races.

As far as I can see this problem can be removed by a system call that
accepts a file descriptor as a mount point.

An alternate solution would be to allow users to run the mount system
call as unprivileged users, but have the kernel enforce some basic
security policy (users must own the mount point, nosuid, nodev,
etc. would be turned on, etc.) I think BSD does this, and it's not
necessarily a bad idea....

- Ted