usermount being removed from OpenBSD

by
from OpenBSD Journal on (#1MDZ5)

The facility for allowing non-root users to mount file systems has been removed fromOpenBSD-current due to security concerns.

Specifically, the value of kern.usermount(as described in the mount(8) and sysctl(3) man pages) will be ignored in OpenBSD 6.0,and the kern.usermount system variable will be absent from later releases.

Theo de Raadt (deraadt@) committed the change:

CVSROOT:/cvsModule name:srcChanges by:deraadt@cvs.openbsd.org2016/07/14 09:39:40Modified files:sys/kern : vfs_syscalls.c kern_sysctl.c Log message:kern.usermount=1 is unsafe for everyone, since it allows any non-pledgedprogram to call the mount/umount system calls. There is no way any usercan be expected to keep their system safe / reliable with this feature.Ignore setting to =1, and after release we'll delete the sysctl entirely.ok lots of people
Read more...
External Content
Source RSS or Atom Feed
Feed Location http://undeadly.org/cgi?action=rss
Feed Title OpenBSD Journal
Feed Link http://undeadly.org/
Reply 0 comments