Re: mount: can not restrict mode of iso9660 files

Thanks for prompt and relevant reply.

> mode= is only interpreted 
> as octal if there is a leading 0.

BUILD_DIR/mount -nv -t iso9660 -o ro,norock,mode=0400,uid=ID_OF_REGULAR_USER DEVICE DIR

yielded the same results.  Since the absolute BUILD_DIR name was long
enough for `strace' to cut it in its output, I later changed (current
directory) to BUILD_DIR and invoked `./mount'.  The `strace'
invocation as requested outputs:

execve("./mount", ["./mount", "-n", "-t", "iso9660", "-o", "ro,norock,mode=0400,uid=ID_OF_REGULAR_USER", "DEVICE", "DIR"], [/* NUMBER vars */]) = 0
mount("DEVICE", "DIR", "iso9660", MS_RDONLY|MS_POSIXACL|MS_ACTIVE|MS_NOUSER|0xec0000, 0x50fe60) = 0

When the `uid=' mount option was omitted, the directory was still left
with `r-xr-xr-x' permissions (however owned by `root root').  `strace
-emount' would output:

mount("DEVICE", "DIR", "iso9660", MS_RDONLY|MS_POSIXACL|MS_ACTIVE|MS_NOUSER|0xec0000, 0x50f8b0) = 0


> trivial to avoid anyways: start 
> with a root-restricted permission setup at mount

This means exactly what I am trying to do: to have `mount' (system call)
itself leave the mounted DIR with no read permissions for anybody except
root, for that matter.  Again, thanks for suggesting how to obtain
more details.