[ale] user using mount

David Corbin dcorbin at machturtle.com
Sun May 28 12:51:51 EDT 2006


On Sunday 28 May 2006 12:38 pm, Michael B. Trausch wrote:
> On Sun, May 28 2006 09:30, David Corbin wrote:
> > Right.  So an attempt to mount THAT device should fail.  But I can't seem
> > to run an arbitrary mount command for an NFS volume as 'dumb user'.
>
> There is a bigger reason for not permitting a user to mount things
> arbitrarily.  It is a great deal easier -- and more secure -- to whitelist
> permitted behavior, instead of blacklisting prohibited behavior.  Consider
> the implications of a user mounting an NFS volume on the /home mount point,
> or /home/dumbuser, or whatever.
>

OK.  I understand the whitelist vs. blacklist argument.  Howver, I *think* it 
should be secure to mount a remote file system anywhere I have write 
permission.  I'd even settle for having to have "rwx" permission.  Or even 
some other special permission.  Or only if I own the mount point.

It just seems that if I have access to the remote system, I should be able to 
mount in 'my area'.  Now, I happen to be root for all my systems, so it's 
just inconvenience right now.

David




More information about the Ale mailing list