On 2020-09-16 01:59, Andrei POPESCU wrote:
On Sb, 12 sep 20, 15:00:57, Bob Weber wrote:Warning: If you forget to open and mount the file encrypted.img to $HOME/Private/ and you copy files to $HOME/Private/ it will appear to work correctly but they will not be encrypted! If you don't move the files out of $HOME/Private/ before you correct the mistake and mount encrypted.img you will not see those files in $HOME/Private/ until you unmount encrypted.img.Regardless if encrypted or not, I think it is good practice to have all mountpoints (NOT filesystems) owned by root and permission 0000.
That's an interesting suggestion. /f1 is a mount point on my workstation for the root filesystem on one of my servers:
2020-09-16 12:34:14 root@tinkywinky ~ # grep f1 /etc/fstab f1:/ /f1 fuse.sshfs ro,noauto 0 0 It is not mounted: 2020-09-16 12:34:20 root@tinkywinky ~ # mount | grep f1 The permissions on the mount point are default, as set by mkdir(1): 2020-09-16 12:35:42 root@tinkywinky ~ # ll -d /f1 drwxr-xr-x 2 root root 4096 2020-09-16 12:33:41 /f1/ If I change the mode of the mount point to 0000: 2020-09-16 12:51:28 root@tinkywinky ~ # chmod 0000 /f1 2020-09-16 12:53:08 root@tinkywinky ~ # ls -la /f1 total 8 d--------- 2 root root 4096 Sep 16 12:53 . drwxr-xr-x 26 root root 4096 Aug 30 13:39 .. Root can still create files inside the mount point: 2020-09-16 12:53:09 root@tinkywinky ~ # echo 'hello, world!' > /f1/hello 2020-09-16 12:53:41 root@tinkywinky ~ # ls -la /f1 total 12 d--------- 2 root root 4096 Sep 16 12:53 . drwxr-xr-x 26 root root 4096 Aug 30 13:39 .. -rw-r--r-- 1 root root 14 Sep 16 12:53 hello 2020-09-16 12:53:44 root@tinkywinky ~ # cat /f1/hello hello, world!Is there some advantage other than making a long listing visually distinctive when the mount point is not in use?
David