Subject: Re: Mount permissions
To: Chris G. Demetriou <cgd@netbsd.org>
From: R. C. Dowdeswell <elric@mabelode.imrryr.org>
List: tech-kern
Date: 01/24/2000 12:21:47

On 948730343 seconds since the Beginning of the UNIX epoch
Chris G. Demetriou wrote:
>
>Some things do require kernel support, though: e.g. I'd like to see a
>way to do user-mountable file systems which include nodev,nosuid, but
>which the mounting user can do anything to, including create files as
>other UIDs and even make them set-id. (It'd be Nice to be able to
>make file system images without needing root.)

I was actually thinking the other day that perhaps a UID/GID mapping
stackable fs which had the following properties would be good for this:

    1   there is a flat file in mtree format storing the
        permissions of files in the fs.

    2   files can be created, chowned, and the like to arbitrary
        users even if you aren't root and said changes are put into
        the mtree file.

    3   the changes only take effect in the underlying fs if you
        are root.

    4   Although queries give results of the mtree file, actual
        accesses are based on the underlying fs.

With a few refinements, I think that this might provide for having
a file system that allows the build system to run as an arbitrary
user, but not compromise security. Point 4 is actually negotiable,
as one could rather easily give pax the ability to use the mtree
file as a template for the permissions.

I am a bit concerned about the fact that this idea breaks some of
the file system semantics. And, now that I think about it, one
could just as easily require that all installs use /usr/bin/install
and have it append a line to an mtree file with the right arguments
(and/or environment variables). And then modify pax to use the
mtree file as a template for the permissions.

== Roland Dowdeswell http://www.Imrryr.ORG/~elric/ ==
== The Unofficial NetBSD Web Pages http://www.Imrryr.ORG/NetBSD/ ==
== The NetBSD Project http://www.NetBSD.ORG/ ==
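
The second idea in the message above (have the install step append a line to an mtree file instead of changing ownership) could look like the sketch below. It is an added example, not code from the post or from NetBSD; the function name metalog_install and the DESTDIR and METALOG variables are assumptions made for illustration.

```shell
#!/bin/sh
# Added illustration, not NetBSD code. metalog_install, DESTDIR and METALOG
# are hypothetical names. Usage:
#   metalog_install [-o owner] [-g group] [-m octal-mode] source path-in-DESTDIR
metalog_install() (   # subshell body: variables stay local, exit leaves only the function
    owner=root group=wheel mode=0755 OPTIND=1
    while getopts o:g:m: opt; do
        case $opt in
            o) owner=$OPTARG ;;
            g) group=$OPTARG ;;
            m) mode=$OPTARG ;;
            *) exit 2 ;;
        esac
    done
    shift $((OPTIND - 1))
    [ $# -eq 2 ] || exit 2
    src=$1 rel=${2#/}
    # These values become fields in a line-oriented spec: reject anything
    # that could add a field, add a line, or step outside DESTDIR.
    case $mode in ''|*[!0-7]*) exit 3 ;; esac
    case $owner in ''|*[!A-Za-z0-9_.-]*) exit 3 ;; esac
    case $group in ''|*[!A-Za-z0-9_.-]*) exit 3 ;; esac
    case $rel in ''|*[!A-Za-z0-9_./-]*|..|../*|*/..|*/../*) exit 3 ;; esac
    dest=$DESTDIR/$rel
    mkdir -p "$(dirname "$dest")" && cp "$src" "$dest" || exit 1
    # The real file stays owned by the invoking user and never gets
    # set-id or sticky bits; only the plain permission bits are applied.
    chmod "$(printf '%o' $((0$mode & 0777)))" "$dest" || exit 1
    # The requested ownership and full mode exist only as metadata.
    printf './%s type=file uname=%s gname=%s mode=%s\n' \
        "$rel" "$owner" "$group" "$mode" >> "$METALOG"
)
```

An archiver running later can read the spec and write the recorded owner, group and mode into archive headers, so the set-id bit first takes effect when root extracts the archive.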