Mounting floppies

[Guy Harris]

>What is needed is for the kernel to ignore the suid and sgid mode flags
>for a disk mounted by other than root.  Physically changing all of the
>flags is just a time waste.  The kernel already keeps information in
>memory about each mounted file system.  It needs to keep an additional
>mode flag for the file system which is automatically ANDed with all
>file modes from files on that file system, to compute an effective
>mode.

SunOS already includes such a flag; see the M_NOSUID flag in MOUNT(2). 
(I suspect vendors who have picked up NFS from Sun may have picked it up
as well.) The main purpose of this is for mounting NFS file systems from
machines that you don't trust, but the same mechanism could be used for
the similar situation with floppies.

You'd also want to, as Peter Da Silva suggested, have either that flag
or another flag disallow access to special files as well.

Given that flag or flags, you could make "mount" semi-privileged, so
that if you're not super-user you have to have the appropriate
permissions on the device (or whatever you're mounting) and mount point,
and you either have to request M_NOSUID and company - or the system
could just force them to be on if you're not "root".