Dear All , To mount removable devices , a user ( NOT root ) requires the following parameter vfs.usermount=1 in /etc/sysctl.conf . A warning is specified in http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/usb-disks.html about its security vulnerabilities . Instead of using vfs.usermount=1 for this purpose , a new parameter may be defined as follows : vfs.removablemount=1 . If vfs.usermount=1 is found in /etc/sysctl.conf , then vfs.removablemount=1 may be assumed , if it is not present in /etc/sysctl.conf . I prefer separate usage : vfs.usermount=1 for ONLY fixed devices , vfs.removablemount=1 for ONLY removable devices . A developer knowing the usage of vfs.usermount in FreeBSD sources may easily implement vfs.removablemount . Such an implementation will fix security vulnerability caused by using vfs.usermount=1 for removable devices . Sometimes , it may be necessary to restrict mount of removable devices due to security requirements . Therefore , supplying a vfs.removablemount= { 0 or 1 } may be a useful improvement . I am NOT able to supply a patch about this because I do NOT know sources sufficiently well . Thank you very much . Mehmet Erol SanliturkReceived on Fri Apr 27 2012 - 21:48:21 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:40:26 UTC