From owner-freebsd-bugs@FreeBSD.ORG  Thu Mar  6 08:20:02 2014
Return-Path: <owner-freebsd-bugs@FreeBSD.ORG>
Delivered-To: freebsd-bugs@smarthost.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id F12B522A
 for <freebsd-bugs@smarthost.ysv.freebsd.org>;
 Thu,  6 Mar 2014 08:20:02 +0000 (UTC)
Received: from freefall.freebsd.org (freefall.freebsd.org
 [IPv6:2001:1900:2254:206c::16:87])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by mx1.freebsd.org (Postfix) with ESMTPS id DECB0DD9
 for <freebsd-bugs@smarthost.ysv.freebsd.org>;
 Thu,  6 Mar 2014 08:20:02 +0000 (UTC)
Received: from freefall.freebsd.org (localhost [127.0.0.1])
 by freefall.freebsd.org (8.14.8/8.14.8) with ESMTP id s268K2ZB086251
 for <freebsd-bugs@freefall.freebsd.org>; Thu, 6 Mar 2014 08:20:02 GMT
 (envelope-from gnats@freefall.freebsd.org)
Received: (from gnats@localhost)
 by freefall.freebsd.org (8.14.8/8.14.8/Submit) id s268K2W7086250;
 Thu, 6 Mar 2014 08:20:02 GMT (envelope-from gnats)
Date: Thu, 6 Mar 2014 08:20:02 GMT
Message-Id: <201403060820.s268K2W7086250@freefall.freebsd.org>
To: freebsd-bugs@FreeBSD.org
Cc: 
From: Matthias Meyser <meyser@xenet.de>
Subject: Re: misc/187079: devfs_load_rulesets has to be enabled for mount.devfs
 to behave like expected
X-BeenThere: freebsd-bugs@freebsd.org
X-Mailman-Version: 2.1.17
Precedence: list
Reply-To: Matthias Meyser <meyser@xenet.de>
List-Id: Bug reports <freebsd-bugs.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-bugs>,
 <mailto:freebsd-bugs-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-bugs/>
List-Post: <mailto:freebsd-bugs@freebsd.org>
List-Help: <mailto:freebsd-bugs-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-bugs>,
 <mailto:freebsd-bugs-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 06 Mar 2014 08:20:03 -0000

The following reply was made to PR misc/187079; it has been noted by GNATS.

From: Matthias Meyser <meyser@xenet.de>
To: bug-followup@FreeBSD.org, rs@bytecamp.net, secteam@FreeBSD.org
Cc:  
Subject: Re: misc/187079: devfs_load_rulesets has to be enabled for mount.devfs
 to behave like expected
Date: Thu, 06 Mar 2014 09:17:48 +0100

 I think this should fixed asap or everyone updating
 FreeBSD end up in running insecure jails.
 
 At least there should be a big fat warning in UPDATING.
 
 Better /etc/rc.d/jail should emit a warning.
 
 Best devfs.rules should be loaded as needed.
 This would restore the old behavior an not break POLA.
 
 with regards
     Matthias Meyser
 -- 
 Matthias Meyser            | XeNET GmbH
 Tel.:  +49-5323-9489050    | 38678 Clausthal-Zellerfeld, Marktstrasse 40
 Fax:   +49-5323-94014      | Registergericht: Amtsgericht Braunschweig HRB 
 110823
 Email: Meyser@xenet.de     | Geschaeftsfuehrer: Matthias Meyser