tech-kern: Re: kern/7129: normal user can bypass mount 'noexec' flags

Subject: Re: kern/7129: normal user can bypass mount 'noexec' flags
To: Manuel Bouyer <bouyer@antioche.lip6.fr>
From: Jason Thorpe <thorpej@nas.nasa.gov>
List: tech-kern
Date: 03/11/1999 11:42:40

On Thu, 11 Mar 1999 20:29:39 +0100 
 Manuel Bouyer <bouyer@antioche.lip6.fr> wrote:

 > I'm not sure everybody would want this. I actually use nullfs to gain
 > privileges: on my server my home partition is mounted 'noexec'. I
 > occasionally use nullfs to mount a portion of the tree I have on this partition
 > so that I can compile a package that need execution rigths.
 > Of course I do the mount as root.

As root, you would, of course, be able to change these flags with a
MNT_UPDATE.

 > nosuid and nodev are already forced for user mounts.

...right, but what if we add more mount attributes?  It seems only logical
that stacked mounts should inherit them.

        -- Jason R. Thorpe <thorpej@nas.nasa.gov>