Don't allow anyone except root to mount file systems that map uids.

This can have bad security implications, but the impact on FreeBSD
systems is minimal because this fs isn't in the default kernels and it
is unknown if it even works.

Submitted by: Manuel Bouyer <bouyer@antioche.eu.org> and
	Artur Grabowski <art@stacken.kth.se>
This commit is contained in:
Warner Losh 1999-03-12 19:40:39 +00:00
parent 841c7bb674
commit ba1602a8ed
2 changed files with 14 additions and 2 deletions

View File

@ -35,7 +35,7 @@
*
* @(#)umap_vfsops.c 8.8 (Berkeley) 5/14/95
*
* $Id: umap_vfsops.c,v 1.22 1998/05/06 05:29:36 msmith Exp $
* $Id: umap_vfsops.c,v 1.23 1998/09/07 13:17:01 bde Exp $
*/
/*
@ -95,6 +95,12 @@ umapfs_mount(mp, path, data, ndp, p)
int i;
#endif
/*
* Only for root
*/
if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
return (error);
#ifdef UMAPFS_DIAGNOSTIC
printf("umapfs_mount(mp = %x)\n", mp);
#endif

View File

@ -35,7 +35,7 @@
*
* @(#)umap_vfsops.c 8.8 (Berkeley) 5/14/95
*
* $Id: umap_vfsops.c,v 1.22 1998/05/06 05:29:36 msmith Exp $
* $Id: umap_vfsops.c,v 1.23 1998/09/07 13:17:01 bde Exp $
*/
/*
@ -95,6 +95,12 @@ umapfs_mount(mp, path, data, ndp, p)
int i;
#endif
/*
* Only for root
*/
if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
return (error);
#ifdef UMAPFS_DIAGNOSTIC
printf("umapfs_mount(mp = %x)\n", mp);
#endif