Subject: usermount semantics changed... Why?
To: None <current-users@netbsd.org>
From: Peter Seebach <seebs@seebs.net>
List: current-users
Date: 06/10/2007 08:49:54
With kauth in place, there's a noticable change to the usermount
semantics: Non-root users can only mount nodev,noexec,nosuid.
I couldn't find any documentation explaining this, and it took a
while to find the corresponding piece of source.
I can certainly see reasons to want nodev and nosuid. I'm a
bit unsure about the need for noexec, and it does make it hard
to run some installers.
Wouldn't it be cleaner, though, to enforce these by automatically
setting these options for non-root mounts, rather than by giving
EPERM? I suppose it's a quiet change, but I would probably rather
have a quiet change that preserves the function of "I want to browse
this CD" than a loud change which requires me to read the kauth
source to find out what additional flags I need. :)
-s