[RFC] remove "broken_suid" nfs mount option

[Frank van Maarseveen]

This has been discussed first on the nfs mailing list. Summary:

> To: Trond Myklebust
> Cc: Linux NFS mailing list
> Subject: [NFS] broken_suid mount option
> Date: Sun, 5 Sep 2004 23:37:02 +0200
> 
> Is this thing useful anymore? Google came up with this patch submission
> and description from you:
> 
> http://www.ussg.iu.edu/hypermail/linux/kernel/0010.1/1178.html

 "To summarize the feature:
  
    The old NFS had a feature whereby if a setuid process failed due to
  EACCES or EPERM, the RPC engine would drop the privileged credentials,
  and retry using the uid/gid (instead of fsuid/fsgid).
    Of course, this sort of thing may be a security problem, so in 2.4.x
  (and in 2.2.18pre) it has been disabled by default. Unfortunately some
  broken programs rely on this silliness instead of bothering to
  dropping privileges themselves (the setuid version of xterm trying to
  read ~/.Xauthority being one of the more prominent offenders); hence
  the decision to make a new mount option..."


On Sun, Sep 05, 2004 at 06:03:43PM -0400, Trond Myklebust wrote:
> 
> If people agree that we can remove it, then I'll take the patch. The
> whole point of making it a mount option (rather than the default as used
> to be the case earlier) was to allow us to deprecate it.
> 
> Note, though, that we should take this one too to lkml in order to get a
> proper concensus.
> 

-- 
Frank
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/