This has been discussed first on the nfs mailing list. Summary:
> To: Trond Myklebust
> Cc: Linux NFS mailing list
> Subject: [NFS] broken_suid mount option
> Date: Sun, 5 Sep 2004 23:37:02 +0200
>
> Is this thing useful anymore? Google came up with this patch submission
> and description from you:
>
> http://www.ussg.iu.edu/hypermail/linux/kernel/0010.1/1178.html
"To summarize the feature:
The old NFS had a feature whereby if a setuid process failed due to
EACCES or EPERM, the RPC engine would drop the privileged credentials,
and retry using the uid/gid (instead of fsuid/fsgid).
Of course, this sort of thing may be a security problem, so in 2.4.x
(and in 2.2.18pre) it has been disabled by default. Unfortunately some
broken programs rely on this silliness instead of bothering to
dropping privileges themselves (the setuid version of xterm trying to
read ~/.Xauthority being one of the more prominent offenders); hence
the decision to make a new mount option..."
On Sun, Sep 05, 2004 at 06:03:43PM -0400, Trond Myklebust wrote:
>
> If people agree that we can remove it, then I'll take the patch. The
> whole point of making it a mount option (rather than the default as used
> to be the case earlier) was to allow us to deprecate it.
>
> Note, though, that we should take this one too to lkml in order to get a
> proper concensus.
>
--
Frank