Date: Fri, 07 Jul 2023 12:10:44 +0000 From: =?utf-8?Q?Mina_Gali=C4=87?= <freebsd@igalic.co> To: FreeBSD Current <freebsd-current@freebsd.org> Subject: mount_nullfs: /var/run/log: must be either a file or directory Message-ID: <cg0tpJtfXrnRHcTxPtgVhcQwoRWY-vr3PMrATaT7k0vvSuDZxlhe81qjkvJJh-LcLyvK4NOMkaFX70IG-tZY9zMA0giGPEfRdQIxPduXogs=@igalic.co>
index | next in thread | raw e-mail
Hi folks, "recently", we added support for null-mounting single files: https://freshbsd.org/freebsd/src/commit/521fbb722c33663cf00a83bca70ad7cb790687b3 This code restricts the mountable … thing to: if ((lowerrootvp->v_type != VDIR && lowerrootvp->v_type != VREG) || … As the author of the abandoned https://reviews.freebsd.org/D27411 which attempted to add facility to syslog's rc to provide (selected) jails with a log socket, it was pointed out to me that this is a big security risk: https://reviews.freebsd.org/D27411#882100 so I was wondering if null mounts are the same kind of security hazard, or if not allowing sockets is just the oversight of a first approximation of this patch? Kind regards, Mina Galić Try PkgBase: https://alpha.pkgbase.live/help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?cg0tpJtfXrnRHcTxPtgVhcQwoRWY-vr3PMrATaT7k0vvSuDZxlhe81qjkvJJh-LcLyvK4NOMkaFX70IG-tZY9zMA0giGPEfRdQIxPduXogs=>