Reuben ua Bríġ <u5644...@anu.edu.au> wrote:

> mount(8) will follow a symlink(7), so obviously it is *very* stupid to
> mount under a directory a user other than root has write permission for,
> as they could, for example
> 
>       rm -rf path
>       ln -s /etc path
> 
> ? so why doesn't the man page for mount(8) mention anything.

Over decades, manual page authors have put in their best effort
documenting the most important details.  As a result, sometimes manual
pages won't document the 1 specific detail you want to complain is
missing.

No manual page can document absolutely everything.  They would turn into
books, and as the total volume of text increases which needs to be
handled by the same number of people, maintenance would become more
difficult and overall quality would suffer.

This symbolic link concern does not just apply to mounting, it is a
fundamental aspect of unix resolution.

There is also risk of over-documenting.  An explanation or warning would
probably take 2 sentences.  Using space to focus on this problem might
detract readers from absorbing other documentation details.

The risk you describe is simply the outcome of a part of unix, and it
applies to everything that uses a path.  So why document it just in one
manual page?

I notice you didn't propose a clean change to the manual page.  Maybe
you recognize the effort involved to add text to the manual page in a
clean way.

> ? why doesn't mount(8) warn when a mount is unsafe,
> like ssh(1) does with ~/.ssh

Probably because testing for the situation would be an unreliable race.
BTW, you explain the ssh behaviour incorrectly.  It does not warn.  It
fails, and refuses to continue.  Failure is not permitted for the mount
system call in this circumstance, and the entire path upwards cannot be
verified atomically.  A racy warning also requires warning to stderr.
There are lots of complex considerations to your handwavy proposal.
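
The per-component check discussed above, written out as an added example (not part of the original message and not mount(8) code): it walks a mount point's path with lstat(2) and reports symlinks and components a non-root user could replace. The names `audit_mount_path` and `trusted_uids` and the temporary tree are assumptions made for illustration.

```python
import os
import stat
import tempfile

def audit_mount_path(path, trusted_uids=frozenset({0})):
    """Return [(component, problem)] for each component of `path` that an
    untrusted user could replace or redirect (hypothetical helper).

    Advisory only: every lstat() is a separate check, so any component can
    change between this audit and the mount, the race the reply describes.
    """
    findings = []
    current = os.sep
    for name in [""] + [p for p in os.path.abspath(path).split(os.sep) if p]:
        current = os.path.join(current, name)
        try:
            st = os.lstat(current)  # lstat: inspect the link, not its target
        except FileNotFoundError:
            findings.append((current, "missing"))
            break
        if stat.S_ISLNK(st.st_mode):
            findings.append((current, "symlink"))
            break  # later components live wherever the link points
        if st.st_uid not in trusted_uids:
            findings.append((current, "untrusted-owner"))
        if st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
            findings.append((current, "group/other-writable"))
    return findings

def demo():
    """Audit a constructed tree: tight dir, world-writable dir, symlink."""
    base = os.path.realpath(tempfile.mkdtemp())
    trusted = frozenset({0, os.getuid()})  # treat the test user as trusted
    for rel, mode in (("safe", 0o755), ("open", 0o777), ("open/mnt", 0o755)):
        os.mkdir(os.path.join(base, rel))
        os.chmod(os.path.join(base, rel), mode)  # explicit: ignore umask
    os.symlink(os.path.join(base, "safe"), os.path.join(base, "link"))
    results = {}
    for rel in ("safe", "open/mnt", "link"):
        found = audit_mount_path(os.path.join(base, rel), trusted)
        # Keep only findings inside the constructed tree (skips /tmp etc.).
        results[rel] = [(p[len(base):], why) for p, why in found
                        if p.startswith(base + os.sep)]
    return results

if __name__ == "__main__":
    for rel, found in demo().items():
        print(rel, found or "ok")
```

Run before a mount, this flags a mount point such as `open/mnt` whose parent is world-writable, and it stops at the first symlink because everything after it is resolved in a different directory.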
