-----BEGIN PGP SIGNED MESSAGE-----
>>>>> "Jeff" == Jeff Dike <jdike@...> writes:
Jeff> mcr@... said:
>> It seems that I can have a hostfs root via:
>> but, I can't do this for other file systems. I had expected to be able
>> to do:
Jeff> Right. The ubd0=/my/root/dir is a special kludge for root hostfs. Once the
Jeff> machine is booted, there's no need for it any more. You just put a nodev
Jeff> hostfs line in your fstab or mount it by hand and you're good to go.
>> But that gets my host's / on /usr/share. Adding "/usr/share" to the
>> options fixes this, but this is a bit non-intuitive given how ubd0
Jeff> Do it like this (plus putting the '-o /usr/share' in there somewhere):
Jeff> none /usr/share hostfs defaults,ro 0 0
yes, I figured that part out.
Jeff> That's the way virtual filesystems are supposed to be mounted
Jeff> The fact that something happens with /dev/ubd/1 is just a symptom of me not
Jeff> yet having written the code that forbids it.
Yeah, so if I compile in hostfs or if I permit kernel modules, then root
inside of UML can trivially look at any o+r file on the host system?
I think that this sucks for people doing security stuff.
Instead, I suggest that hostfs must mount against a device of some kind,
and that this device be configured on command line. If you want, you can do:
"thedevice=/" to get the whole fs if that is appropriate.
] ON HUMILITY: to err is human. To moo, bovine. | firewalls [
] Michael Richardson, Sandelman Software Works, Ottawa, ON |net architect[
] mcr@... http://www.sandelman.ottawa.on.ca/ |device driver[
] panic("Just another NetBSD/notebook using, kernel hacking, security guy"); [
-----BEGIN PGP SIGNATURE-----
Comment: Finger me for keys
-----END PGP SIGNATURE-----