> If your proposal is to error when the check fails, it will break > hundreds of user machines. > > If your proposal is to emit a warning, it will emit multiple > additional lines of output at boot for correct existing > configurations. > > But you didn't implement a prototype, you didn't test it, yet you > expect to be taken seriously.
it works fine on my system, where the mounts are default + source + various external storage. i think most systems this breaks are probably insecure and should use instead use a symlink as i described in my original post. for the few custom setups where some user is trusted not to overwrite a mount point (or where they should be able to), it would not be hard to add a line permit group trusty /usr/trusty to a mount.conf file. > You really don't seem to read. is this because i did not reply to some of your point? i felt doing so would have strayed beyond usefulness. > Your comment about man.conf suggests we changed something which you > hate and you want to wield it against us. my point is that my impression of OpenBSD and your own policy has been that it is acceptable to break a configuration to better security, and that new users are not expected to become unix security gurus overnight. > Your approach is hostile. i am not the one insulting your ability with language.