smbfs displays the uid of the mounter in show_mounts (viewable in
/proc/mounts ) and this would allow a setuid unmount program to check
the uid of the mounter via /proc/mounts (there is also an ioctl which
does something similar).
Is this approach secure enough?
I slightly prefer an approach in which a program that wishes to check if
the current->uid matches that of the mounter (or that uid which was
specified on the mount command option and which was saved in the fs's
superblock) simply calls an empty ioctl to the fs - which returns yes/no
(the uid of the current process, matches the uid of the process that did
the mount or not, this requires the fs to save the uid at mount but
presumably has the disadvantage of opening a file to get a handle that
you can use for the ioctl).
There are other ways to achieve somewhat similar effect - of allowing
user mounts and unmounts via fstab - but I have had users request a way
to do this via a setuid filesystem specific umount util.
Is there a security issue with displaying the uid of the mounter via the
fs's show_mounts (shows up in /proc/mounts)