Re: mount -u -r drops nosuid ?
Andriy Gapon <avg@icyb.net.ua> writes:
> Not sure if this is a bug or a feature, but it seems like potential
> security risk: I have a ufs fs mounted rw+nosuid, then I needed to
> downgrade it to ro, so I executed mount -u -r on it - imagine my surpise
> when I found that nosuid flag was removed as well. I know I could have
> used mount -u -r -o nosuid, but the present behavior seems to be
> non-obvious (update one flag, orthogonal flags dropped as well) and
> dangerously so.
>
> System is 5.4-RELEASE-p3 i386
The behaviour is explicitly documented.
I think it is safer (less room to shoot yourself in the foot) to have
the flags be exactly the ones you specified in the remount (no more,
no less) than to have to know exactly what the state was beforehand.
But clearly it's possible to surprise the operator either way.
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
討論串 (同標題文章)
完整討論串 (本文為第 2 之 4 篇):