From nobody Fri Jul 7 12:10:44 2023 X-Original-To: freebsd-current@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4QyC0d2P1Mz4lk9F for ; Fri, 7 Jul 2023 12:10:57 +0000 (UTC) (envelope-from freebsd@igalic.co) Received: from mail-4317.proton.ch (mail-4317.proton.ch [185.70.43.17]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "protonmail.com", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4QyC0b5S6Nz3DZ8 for ; Fri, 7 Jul 2023 12:10:55 +0000 (UTC) (envelope-from freebsd@igalic.co) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=igalic.co header.s=protonmail header.b=LEypaSmL; spf=pass (mx1.freebsd.org: domain of freebsd@igalic.co designates 185.70.43.17 as permitted sender) smtp.mailfrom=freebsd@igalic.co; dmarc=none Date: Fri, 07 Jul 2023 12:10:44 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=igalic.co; s=protonmail; t=1688731852; x=1688991052; bh=A63dGsBO9/JKMEnHwar+qq1J/wBSqYmmj2ItL2wC4Fs=; h=Date:To:From:Subject:Message-ID:Feedback-ID:From:To:Cc:Date: Subject:Reply-To:Feedback-ID:Message-ID:BIMI-Selector; b=LEypaSmLx8ZJt0cLw8GDoGWSMYTpjbx8jAXy39ciapvHRMa9OythF0XmOaAtq5Qgc Oj+5gq+2dDskR3ifJk+Mfo3JYqiflMQpZEWYEQgB7ingCOrWWfc5yx3g3klz8hntFw sfj5oArKie7lzqC39BCwwViJ8lgWBbMZgNo3A6dtOSWOABG26+1AGVtmJeJnNb6yry DPfqgpNzGVhtK4v05i7c6qxFiJIl97jjPthRF9B9S13zQ17TzDEPhjG0VOnfi5AnPs E4j1Jm56qjPkfbvf5AIFtQunv+V35Ap8kapydQ+zhb2QnrKBc/y4CqKyJqj/G60Q2Z i5zNlWOh1flRw== To: FreeBSD Current From: =?utf-8?Q?Mina_Gali=C4=87?= Subject: mount_nullfs: /var/run/log: must be either a file or directory Message-ID: Feedback-ID: 66573723:user:proton List-Id: Discussions about the use of FreeBSD-current List-Archive: https://lists.freebsd.org/archives/freebsd-current List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-current@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Spamd-Result: default: False [-3.89 / 15.00]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_LONG(-1.00)[-0.998]; NEURAL_HAM_SHORT(-0.99)[-0.994]; RWL_MAILSPIKE_EXCELLENT(-0.40)[185.70.43.17:from]; R_SPF_ALLOW(-0.20)[+ip4:185.70.43.0/24]; R_DKIM_ALLOW(-0.20)[igalic.co:s=protonmail]; MIME_GOOD(-0.10)[text/plain]; MLMMJ_DEST(0.00)[freebsd-current@freebsd.org]; ARC_NA(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; RCVD_COUNT_ZERO(0.00)[0]; MIME_TRACE(0.00)[0:+]; DKIM_TRACE(0.00)[igalic.co:+]; RCPT_COUNT_ONE(0.00)[1]; ASN(0.00)[asn:62371, ipnet:185.70.43.0/24, country:CH]; FROM_HAS_DN(0.00)[]; TO_DN_ALL(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; DMARC_NA(0.00)[igalic.co]; MID_RHS_MATCH_FROM(0.00)[] X-Rspamd-Queue-Id: 4QyC0b5S6Nz3DZ8 X-Spamd-Bar: --- X-ThisMailContainsUnwantedMimeParts: N Hi folks, "recently", we added support for null-mounting single files: https://freshbsd.org/freebsd/src/commit/521fbb722c33663cf00a83bca70ad7cb790= 687b3 This code restricts the mountable =E2=80=A6 thing to: =09if ((lowerrootvp->v_type !=3D VDIR && lowerrootvp->v_type !=3D VREG) || = =E2=80=A6 As the author of the abandoned https://reviews.freebsd.org/D27411 which attempted to add facility to syslog's rc to provide (selected) jails with a log socket, it was pointed out to me that this is a big security risk: https://reviews.freebsd.org/D27411#882100 so I was wondering if null mounts are the same kind of security hazard, or if not allowing sockets is just the oversight of a first approximation of this patch? Kind regards, Mina Gali=C4=87 Try PkgBase: https://alpha.pkgbase.live/