Date: Fri, 15 May 2020 13:49:54 -0400 From: Ed Maste <emaste@freebsd.org> To: bsd-lists@bsdforge.com Cc: FreeBSD Hackers <freebsd-hackers@freebsd.org> Subject: Re: [HEADSUP] Disallowing read() of a directory fd Message-ID: <CAPyFy2ABOcoK_4q4RvPcwYt2Q15qthzyt%2B3yJReO_EWO6Zie3Q@mail.gmail.com> In-Reply-To: <02cb48c24a3d010dab13974680dc3d16@udns.ultimatedns.net> References: <20200515150627.GY82984@trajan.stk.cx> <02cb48c24a3d010dab13974680dc3d16@udns.ultimatedns.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 15 May 2020 at 13:14, Chris <bsd-lists@bsdforge.com> wrote: > > But given the potential > gains for all this, are trivial at best. Some benefits of this change have already been discussed: 1. It would have prevented, or at least significantly blunted, the security issue described in FreeBSD-SA-19:10.ufs. 2. It avoids problems caused by application assumptions. On the other hand, arguments for allowing reads of directories: 1. It's always been that way. 2. File system developers and experts may use the ability for certain special or unusual actions. Making the change with a sysctl to control still allows the special case use, and I'm glad that Kyle spent the time on this change.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAPyFy2ABOcoK_4q4RvPcwYt2Q15qthzyt%2B3yJReO_EWO6Zie3Q>