Date: Sun, 7 Oct 2018 22:08:11 +0300 From: Yuri Pankov <yuripv@yuripv.net> To: freebsd-hackers <freebsd-hackers@freebsd.org> Subject: Re: vfs.usermount allows users to do arbitrary unmounts Message-ID: <4c5d948d-f129-2787-1f34-8e4fd96d7144@yuripv.net> In-Reply-To: <da6b55e4-cc5e-96b2-02a1-d102a79aea20@yuripv.net> References: <da6b55e4-cc5e-96b2-02a1-d102a79aea20@yuripv.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Yuri Pankov wrote: > Hi, > > Going through https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=232021, > I noticed that unmount(2) will not fail with EPERM as expected on mounts > that don't belong to the user, and which were not mounted by that user, > e.g.: > > # zfs create data/test > # ls -ld /data/test > drwxr-xr-x 2 root wheel 2 Oct 7 21:55 /data/test > $ umount /data/test; echo $? > 0 > > Even if vfs.usermount isn't great from security perspective, is this > expected? Nevermind me, looks like I got it all confused with using `zfs allow`.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4c5d948d-f129-2787-1f34-8e4fd96d7144>