Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 15 May 2020 13:49:54 -0400
From:      Ed Maste <emaste@freebsd.org>
To:        bsd-lists@bsdforge.com
Cc:        FreeBSD Hackers <freebsd-hackers@freebsd.org>
Subject:   Re: [HEADSUP] Disallowing read() of a directory fd
Message-ID:  <CAPyFy2ABOcoK_4q4RvPcwYt2Q15qthzyt%2B3yJReO_EWO6Zie3Q@mail.gmail.com>
In-Reply-To: <02cb48c24a3d010dab13974680dc3d16@udns.ultimatedns.net>
References:  <20200515150627.GY82984@trajan.stk.cx> <02cb48c24a3d010dab13974680dc3d16@udns.ultimatedns.net>

next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 15 May 2020 at 13:14, Chris <bsd-lists@bsdforge.com> wrote:
>
> But given the potential
> gains for all this, are trivial at best.

Some benefits of this change have already been discussed:
1. It would have prevented, or at least significantly blunted, the
security issue described in FreeBSD-SA-19:10.ufs.
2. It avoids problems caused by application assumptions.

On the other hand, arguments for allowing reads of directories:
1. It's always been that way.
2. File system developers and experts may use the ability for certain
special or unusual actions.

Making the change with a sysctl to control still allows the special
case use, and I'm glad that Kyle spent the time on this change.



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAPyFy2ABOcoK_4q4RvPcwYt2Q15qthzyt%2B3yJReO_EWO6Zie3Q>