Subject: non-root mounts (was Re: ZIP drives)
To: None <current-users@NetBSD.ORG>
From: Phil Knaack <flipk@ncremp.ag.iastate.edu>
List: current-users
Date: 09/05/1995 15:32:19
mycroft writes:
>Given the security model inherited from 4.4BSD, it's possible to use
>ZIP drives and the like without writing any setuid programs.  All the
>user needs is write permission to the device, and he/she can mount it
>on a directory he/she owns.  If you're at security level 1 or higher,
>another user with write permission to the device won't be able to
>modify the mounted file system.

	While playing with this I discovered a problem I don't know
how to get around, and I would like comments.

	I made /dev/fd0* mode 666, and inserted a floppy to
newfs. Upon completion of newfs, I realized that the root directory of
the floppy (which the mount point inherits despite doing the mount
non-root) is created by default as owned by root and (i think) mode
755. Now this means that a non-root user can't use his newly newfs'd
floppy, because after he mounts it on a directory he owns, he no
longer owns the directory and can't write to it. The only way I can
see to do it is to actually _become_ root, mount it (as root), chown
it to the user's name, and then unmount it and continue.

	Is there a way around this? Like maybe being able to tell
newfs to use a different user ID for the root directory of a new
filesystem?

	Call me curious. :)

Cheers,
Phil