From owner-freebsd-arch@FreeBSD.ORG Mon Oct 27 11:07:09 2008
Date: Mon, 27 Oct 2008 11:07:08 GMT
Message-Id: <200810271107.m9RB78A3001869@freefall.freebsd.org>
From: FreeBSD bugmaster
To: freebsd-arch@FreeBSD.org
Subject: Current problem reports assigned to freebsd-arch@FreeBSD.org

Note: to view an individual PR, use:
  http://www.freebsd.org/cgi/query-pr.cgi?pr=(number).

The following is a listing of current problems submitted by FreeBSD users.
These represent problem reports covering all versions including
experimental development code and obsolete releases.

S Tracker      Resp.      Description
--------------------------------------------------------------------------------
o kern/120749  arch       [request] Suggest upping the default kern.ps_arg_cache

1 problem total.

From owner-freebsd-arch@FreeBSD.ORG Mon Oct 27 19:51:05 2008
Date: Mon, 27 Oct 2008 20:35:45 +0100
From: Edward Tomasz Napierala
To: freebsd-arch@FreeBSD.org
Message-ID: <20081027193545.GA95872@pin.if.uz.zgora.pl>
Subject: Directory rename semantics.

Let's say we have two directories, "A/" and "B/". We also have a
file, "A/F". To remove that file, we need write access to "A/".
To move that file to "B/", we need write access to both "A/" and
"B/". Now, assume we have a directory, "A/D". To remove that
directory, we need write access to "A/". To move that directory
to "B/", we need write access to "A/", "B/", _and "A/D"_.

I'd like to remove the last check (requirement to have write access
to a directory we want to move somewhere else). Reason for this
is that it doesn't seem very logical, and many systems - including
SunOS, and our ZFS - behave differently. In other words, we have
different semantics on UFS and ZFS.

This change seems to be ok from the standards point of view - SUSv3
says the operating system MAY perform this check.

Index: sys/ufs/ufs/ufs_vnops.c =================================================================== --- sys/ufs/ufs/ufs_vnops.c (revision 182813) +++ sys/ufs/ufs/ufs_vnops.c (working copy)
@@ -1122,19 +1122,14 @@ * If ".." must be changed (ie the directory gets a new * parent) then the source directory must not be in the * directory hierarchy above the target, as this would - * orphan everything below the source directory. Also - * the user must have write permission in the source so - * as to be able to change "..". We must repeat the call - * to namei, as the parent directory is unlocked by the - * call to checkpath(). + * orphan everything below the source directory. We must + * repeat the call to namei, as the parent directory + * is unlocked by the call to checkpath(). */ - error = VOP_ACCESS(fvp, VWRITE, tcnp->cn_cred, tcnp->cn_thread); VOP_UNLOCK(fvp, 0); if (oldparent != dp->i_number) newparent = dp->i_number; if (doingdirectory && newparent) { - if (error) /* write access check above */ - goto bad; if (xp != NULL) vput(tvp); error = ufs_checkpath(ip, dp, tcnp->cn_cred);
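
Review bot: the removed "error = VOP_ACCESS(fvp, VWRITE, tcnp->cn_cred, tcnp->cn_thread);" and the "if (error) goto bad;" inside "if (doingdirectory && newparent)" guarded exactly the branch in which the source directory gets a new parent, and the rewritten comment deletes the old rationale (write permission needed to change "..") without recording the new policy. Suggest the comment state explicitly that write permission on the source directory is intentionally not required when it is reparented, so the check is not re-added later as a presumed bug fix. Because this relaxes an access-control decision, also consider keeping the check behind a switch, with the VOP_ACCESS call left where it is now, before VOP_UNLOCK(fvp, 0), until software that depends on the failure has been audited.
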
From: David Schultz
To: Edward Tomasz Napierala
Cc: freebsd-arch@FreeBSD.ORG
Message-ID: <20081028161855.GA45129@zim.MIT.EDU>
In-Reply-To: <20081027193545.GA95872@pin.if.uz.zgora.pl>
Subject: Re: Directory rename semantics.
X-List-Received-Date: Tue, 28 Oct 2008 16:55:35 -0000

On Mon, Oct 27, 2008, Edward Tomasz Napierala wrote:
> Let's say we have two directories, "A/" and "B/". We also have a
> file, "A/F". To remove that file, we need write access to "A/".
> To move that file to "B/", we need write access to both "A/" and
> "B/". Now, assume we have a directory, "A/D". To remove that
> directory, we need write access to "A/". To move that directory
> to "B/", we need write access to "A/", "B/", _and "A/D"_.
>
> I'd like to remove the last check (requirement to have write access
> to a directory we want to move somewhere else). Reason for this
> is that it doesn't seem very logical, and many systems - including
> SunOS, and our ZFS - behave differently. In other words, we have
> different semantics on UFS and ZFS.

No comment on other operating systems or standards, but I wanted
to point out that there is some logic to FreeBSD's present behavior:
When you move A/D, you must be able to write to D, because you are
modifying D's ".." entry to point to B instead of A.

From a practical point of view, I think either behavior is fine,
but we should consider whether any security-critical applications
rely on the current behavior before changing it.
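
A probe for the behaviour discussed in this thread, added here as an example (it is not code from the thread or from FreeBSD): it builds the A/, B/ and A/D layout from the original post and reports whether a directory without write permission can be moved to a new parent on the filesystem under test. The function name probe_dir_move and the scratch path under $TMPDIR are assumptions of the example.

```c
/* Added example, not from the thread: probe the directory-move check. */
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L
#endif
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Build A/, B/ and A/D in a scratch directory (constructed, under $TMPDIR),
 * set D's mode to d_mode, then try rename("A/D", "B/D"). Returns 0 if the
 * move succeeded, the errno of the failed rename otherwise (EACCES where the
 * check is enforced), or -1 if setup failed. Run it unprivileged: the
 * superuser passes the permission check either way. */
int probe_dir_move(mode_t d_mode)
{
    static const char *const tree[] = { "A/D", "B/D", "A", "B" };
    const char *tmp = getenv("TMPDIR");
    char base[512];
    int dfd, result = -1;

    snprintf(base, sizeof base, "%s/rename-probe.XXXXXX", tmp ? tmp : "/tmp");
    if (mkdtemp(base) == NULL)
        return -1;
    if ((dfd = open(base, O_RDONLY | O_DIRECTORY)) < 0) {
        rmdir(base);
        return -1;
    }
    if (mkdirat(dfd, "A", 0755) == 0 && mkdirat(dfd, "B", 0755) == 0 &&
        mkdirat(dfd, "A/D", 0755) == 0 && fchmodat(dfd, "A/D", d_mode, 0) == 0)
        result = renameat(dfd, "A/D", dfd, "B/D") == 0 ? 0 : errno;

    /* Remove D wherever it ended up; rmdir needs write access to the parent only. */
    for (int i = 0; i < 4; i++)
        unlinkat(dfd, tree[i], AT_REMOVEDIR);
    close(dfd);
    rmdir(base);
    return result;
}

int main(void)
{
    int r = probe_dir_move(0555);   /* D is readable and searchable only */
    printf("moving a non-writable directory: %s\n", r == 0 ? "allowed" :
           r == EACCES ? "EACCES, write access to D required" : "probe failed");
    return r < 0;
}
```

Running it with TMPDIR pointing at a UFS and then at a ZFS mount shows the difference in semantics the thread describes.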
From owner-freebsd-arch@FreeBSD.ORG Wed Oct 29 12:37:39 2008
Message-ID: <4908590C.1030904@icyb.net.ua>
Date: Wed, 29 Oct 2008 14:37:32 +0200
From: Andriy Gapon
To: Edward Tomasz Napierala, freebsd-arch@FreeBSD.ORG
In-Reply-To: <20081028161855.GA45129@zim.MIT.EDU>
Subject: Re: Directory rename semantics.

on 28/10/2008 18:18 David Schultz said the following:
> On Mon, Oct 27, 2008, Edward Tomasz Napierala wrote:
>> Let's say we have two directories, "A/" and "B/". We also have a
>> file, "A/F". To remove that file, we need write access to "A/".
>> To move that file to "B/", we need write access to both "A/" and
>> "B/". Now, assume we have a directory, "A/D". To remove that
>> directory, we need write access to "A/". To move that directory
>> to "B/", we need write access to "A/", "B/", _and "A/D"_.
>>
>> I'd like to remove the last check (requirement to have write access
>> to a directory we want to move somewhere else). Reason for this
>> is that it doesn't seem very logical, and many systems - including
>> SunOS, and our ZFS - behave differently. In other words, we have
>> different semantics on UFS and ZFS.
>
> No comment on other operating systems or standards, but I wanted
> to point out that there is some logic to FreeBSD's present behavior:
> When you move A/D, you must be able to write to D, because you are
> modifying D's ".." entry to point to B instead of A.
>
> From a practical point of view, I think either behavior is fine,
> but we should consider whether any security-critical applications
> rely on the current behavior before changing it.

Control this check by a sysctl under security.bsd?
-- 
Andriy Gapon

From owner-freebsd-arch@FreeBSD.ORG Thu Oct 30 19:34:48 2008
From: Coleman Kane
To: David Schultz
Cc: Edward Tomasz Napierala, freebsd-arch@FreeBSD.ORG
In-Reply-To: <20081028161855.GA45129@zim.MIT.EDU>
Organization: FreeBSD Project
Date: Thu, 30 Oct 2008 15:16:54 -0400
Message-Id: <1225394214.5610.6.camel@localhost>
Subject: Re: Directory rename semantics.

On Tue, 2008-10-28 at 12:18 -0400, David Schultz wrote:
> On Mon, Oct 27, 2008, Edward Tomasz Napierala wrote:
> > Let's say we have two directories, "A/" and "B/". We also have a
> > file, "A/F". To remove that file, we need write access to "A/".
> > To move that file to "B/", we need write access to both "A/" and
> > "B/". Now, assume we have a directory, "A/D". To remove that
> > directory, we need write access to "A/". To move that directory
> > to "B/", we need write access to "A/", "B/", _and "A/D"_.
> >
> > I'd like to remove the last check (requirement to have write access
> > to a directory we want to move somewhere else). Reason for this
> > is that it doesn't seem very logical, and many systems - including
> > SunOS, and our ZFS - behave differently. In other words, we have
> > different semantics on UFS and ZFS.
>
> No comment on other operating systems or standards, but I wanted
> to point out that there is some logic to FreeBSD's present behavior:
> When you move A/D, you must be able to write to D, because you are
> modifying D's ".." entry to point to B instead of A.
>
> From a practical point of view, I think either behavior is fine,
> but we should consider whether any security-critical applications
> rely on the current behavior before changing it.

I was always mystified by the reason for this behavior until now... As
for my input, I think the change sounds fine (perhaps allowing revert
to old behavior via a sysctl).

-- 
Coleman Kane