Hello everyone, Basically multiple mounts don't check the requested options from the system call against what the superblock already has stored in sb->s_flags and since it just uses the existing superblock it is possible to mount partitions with options different than what you requested, without userland ever being the wiser. I've tried this on several machines with up-to-date mount + kernels (2.10m, 2.4.0test5-prex). Here is a quick example, say sda1 is already mounted as /, rw. next step is 'mount -t ext2 -o ro /dev/sda1 /mnt'. this goes fine, running 'mount' or 'cat /etc/mtab' looks fine (mounted ro). however if you 'touch /mnt/file' it lets you, so it is obviously not ro. looking a little further, 'cat /proc/mounts and you see the kernel has mounted it rw. this inconsistency is no good. it needs to do some sort of check around line 778 maybe.. not really sure if there are masks involved or what not so I'll leave the real coding to you guys. pseudocode: if(sb->flags == flags){ if (fs_type == sb->s_type) { path_release(&nd); return sb; } }else { error=-ESOMETHING; goto out; } This bug is also present in the bind mounts, although I'm not positive on how it works there because I haven't looked at the code (I am not much of a kernel person anyways, this is all giving me large headaches ;). The same example but with 'mount -t bind -o ro / /mnt' should do the trick to show the bug. This has already been sent to sct, tytso, al vito, and lkml, and I've finally been advised I should send it here. hopefully someone can now patch it so I can stop fwding this everywhere ;) enjoy, -b