Date: Wed, 31 May 2006 15:25:37 -0300
From: "André Braga" <meianoite@gmail.com>
To: "Alexander Leidinger" <Alexander@leidinger.net>
Cc: ozawa@ongs.co.jp, dkirhlarov@oilspace.com, freebsd-hackers@freebsd.org,
    Daichi GOTO <daichi@freebsd.org>, freebsd-listen@fabiankeil.de,
    freebsd-fs@freebsd.org, freebsd-current@freebsd.org, kris@obsecurity.org,
    Dag-Erling Smørgrav <des@des.no>
Subject: Re: [ANN] unionfs patchset-13 release
Message-ID: <2ad73a0605311125h7ac8a927t33bbfadf9fe18c33@mail.gmail.com>
In-Reply-To: <20060531133814.acykloyqhkcccg80@netchild.homeip.net>
References: <E1F5gbI-000Eea-B7@cs1.cs.huji.ac.il> <43E73330.8070101@freebsd.org>
    <43EB4C00.2030101@freebsd.org> <4417DD8D.3050201@freebsd.org>
    <4433CA53.5050000@freebsd.org> <444E13BA.8050902@freebsd.org>
    <4475C119.1020305@freebsd.org> <447C919B.20303@freebsd.org>
    <86bqteikj4.fsf@xps.des.no> <20060531133814.acykloyqhkcccg80@netchild.homeip.net>

On 5/31/06, Alexander Leidinger <Alexander@leidinger.net> wrote:
> If everyone is happy with the current patchset (if the man-page is
> still missing, we may agree that it can be delivered at a later time),
> I can try to get time to do it at the weekend (but feel free to beat
> me in committing it).

Hello,

I haven't been able to test whether the new patchset handles the bug I reported to Mr. Daichi Goto but so far haven't received a reply. Perhaps my message got lost somewhere, so I thought it would be a good idea to report this bug again.

I diff'ed -p11 against -p12 (not yet against -p13) but haven't been able to determine myself if this bug got fixed. Too foreign a code for me to understand as I have no background on the inner workings of FreeBSD's VFS, so I can't really tell if the differences were sufficient to fix the bug.

Here's a reprint of my bug report when -p11 was the newest available version.

A post scriptum to the original message: The buggy behaviour won't affect the host system, but the jail could well be compromised. I also have this feeling that ACLs also aren't respected inside jails or can be overwritten as easily as shown below.

Thanks,
André

---------------------- 8< ----------------------

Hi,

Once again, thank you for your patch.

I believe I have found a bug: If a file or directory has non-default flags and this directory is mounted below a target point, the resulting union will not preserve the directory flags. Worse, it will appear as if the file flags are preserved, but they are not and as soon as a file that should not be modified gets modified, the flags are reset to the default state on the union mount. This could pose a *serious* security breach for people running jails rooted on unionfs mounts, like I intended to.

Test case:
(discrepancies are marked by a line containing "**** NOTICE" and aligned to fixed-length font display)

# cd /tmp
# mkdir -p test/a test/b/bb test/b/cc
# touch test/b/cc/dd
# chflags schg test/b/bb/
# chflags uappnd test/b/cc/dd
# ls -Rlo
total 2
drwxr-xr-x 4 root wheel - 512 Apr 29 08:12 test

./test:
total 4
drwxr-xr-x 2 root wheel - 512 Apr 29 08:12 a
drwxr-xr-x 4 root wheel - 512 Apr 29 08:12 b

./test/a:
total 0

./test/b:
total 4
drwxr-xr-x 2 root wheel schg 512 Apr 29 08:12 bb
**** NOTICE 1a          ^^^^ ****
drwxr-xr-x 2 root wheel - 512 Apr 29 08:12 cc

./test/b/bb:
total 0

./test/b/cc:
total 0
-rw-r--r-- 1 root wheel uappnd 0 Apr 29 08:12 dd
**** NOTICE 2a          ^^^^^^ ****
# echo ee >test/b/cc/dd
test/b/cc/dd: Operation not permitted.
# echo ee >> test/b/cc/dd
**** NOTICE: this is the intended behavior for the 'uappnd' flag ****
# cat test/b/cc/dd
ee
#
# mount_unionfs -c transparent -b test/b test/a
# ls -Rlo
total 2
drwxr-xr-x 4 root wheel - 512 Apr 29 08:12 test

./test:
total 4
drwxr-xr-x 2 root wheel - 512 Apr 29 08:12 a
drwxr-xr-x 4 root wheel - 512 Apr 29 08:12 b

./test/a:
total 4
drwxr-xr-x 2 root wheel - 512 Apr 29 08:12 bb
**** NOTICE 1b         ^^^ ****
drwxr-xr-x 2 root wheel - 512 Apr 29 08:12 cc

./test/a/bb:
total 0

./test/a/cc:
total 2
-rw-r--r-- 1 root wheel uappnd 3 Apr 29 08:15 dd
**** NOTICE 2b (LOOKS OK) ^^^^^^ ****

./test/b:
total 4
drwxr-xr-x 2 root wheel schg 512 Apr 29 08:12 bb
drwxr-xr-x 2 root wheel - 512 Apr 29 08:12 cc

./test/b/bb:
total 0

./test/b/cc:
total 2
-rw-r--r-- 1 root wheel uappnd 3 Apr 29 08:15 dd
# echo ff > test/a/cc/dd
# cat test/a/cc/dd
ff
**** NOTICE: very wrong behavior for the 'uappnd' flag! ****
# ls -lo test/a/cc/dd
-rw-r--r-- 1 root wheel - 3 Apr 29 08:20 test/a/cc/dd
**** NOTICE 2c (NO FLAG!) ^^^ ****
# echo gg >test/b/cc/hh
# chflags schg test/b/cc/hh
# rm test/b/cc/hh
override rw-r--r-- root/wheel schg for test/b/cc/hh? yes
rm: test/b/cc/hh: Operation not permitted
**** NOTICE 3a    ^^^^^^^^^^^^^^^^^^^^^^^ ****
# ls -lo test/a/cc/hh
-rw-r--r-- 1 root wheel schg 3 Apr 29 08:24 test/a/cc/hh
**** NOTICE 3b          ^^^^ ****
# rm test/a/cc/hh
override rw-r--r-- root/wheel schg for test/a/cc/hh? yes
**** NOTICE 3c (NO ERROR!) ****
# ls -lo test/a/cc/
total 2
-rw-r--r-- 1 root wheel - 3 Apr 29 08:20 dd
**** NOTICE 3d (the file is gone despite immutable flags seemingly set!) ****

End of test case

It makes no difference to specify '-c tradicional'.

I skimmed over the patch code and have noticed no file flags or director[y flags] are indeed [ever] copied to the shadow files. [Edit: spelling]

I'd really appreciate if you could fix that for the patch version 12.

Thank you very much!
André
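
Added example (not part of the original message or of the unionfs patchset): a small Python check that parses `ls -Rlo` output like the listings in the test case and reports paths whose flags column differs between the lower layer and the union view. The function names and `SAMPLE` are constructed for illustration; `SAMPLE` is an excerpt of the post-mount listing from the message.

```python
import re

# One `ls -lo` entry: mode, links, owner, group, flags, size, date, name.
ENTRY = re.compile(r"^[-dlbcps][rwxsStT-]{9}\s+\d+\s+\S+\s+\S+\s+(\S+)\s+\d+"
                   r"\s+\w{3}\s+\d+\s+[\d:]+\s+(.+)$")

def parse_ls_rlo(text):
    """Map path -> flags column from FreeBSD `ls -Rlo` output."""
    flags, cwd = {}, "."
    for line in map(str.strip, text.splitlines()):
        m = ENTRY.match(line)
        if m:
            flags[f"{cwd}/{m.group(2)}"] = m.group(1)
        elif line.endswith(":"):
            cwd = line[:-1]  # "./test/b:" opens a new directory block
    return flags

def flag_mismatches(listing, lower, union):
    """Return {relative path: (lower flags, union flags)} where they differ."""
    flags = parse_ls_rlo(listing)
    diffs = {}
    for path, lower_flags in flags.items():
        if path.startswith(lower + "/"):
            rel = path[len(lower) + 1:]
            union_flags = flags.get(f"{union}/{rel}")
            if union_flags not in (None, lower_flags):
                diffs[rel] = (lower_flags, union_flags)
    return diffs

# Excerpt of the post-mount `ls -Rlo` listing (empty bb blocks omitted).
SAMPLE = """\
./test/a:
total 4
drwxr-xr-x 2 root wheel - 512 Apr 29 08:12 bb
drwxr-xr-x 2 root wheel - 512 Apr 29 08:12 cc
./test/a/cc:
total 2
-rw-r--r-- 1 root wheel uappnd 3 Apr 29 08:15 dd
./test/b:
total 4
drwxr-xr-x 2 root wheel schg 512 Apr 29 08:12 bb
drwxr-xr-x 2 root wheel - 512 Apr 29 08:12 cc
./test/b/cc:
total 2
-rw-r--r-- 1 root wheel uappnd 3 Apr 29 08:15 dd
"""

print(flag_mismatches(SAMPLE, "./test/b", "./test/a"))
```

On this excerpt the check reports `bb` (`schg` in the lower layer, `-` in the union), which is the NOTICE 1a/1b discrepancy. It cannot catch NOTICE 2b, where the flag is listed but not enforced, so a write test like the one in the message is still needed.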