On 2003-01-30 15:52, Garrett Wollman <[EMAIL PROTECTED]> wrote: > <<On Wed, 29 Jan 2003 18:17:31 -0800, Kirk McKusick <[EMAIL PROTECTED]> >said: > > The other alternative would be to > > create a setuid-to-root program that would take a snapshot and > > chown it to the user that does dumps. > > I think this would actually be a useful feature for more than just > dumps. I might want to allow some users (say, those in group > `operator') to be able to create snapshots on their own, without > allowing arbitrary mounting privileges.
Do normal permissions apply for the files included in a snapshot? It would be horrible from a security standpoint if any user could use a setuid program to snapshot filesystems, mount the snapshot to places of their own, and read random files from the mounted snapshot. </knee jerk reaction> - Giorgos To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
