From nobody Thu Nov 28 12:35:40 2024
X-Original-To: freebsd-current@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4XzbQC6zD3z5ffY8
	for <freebsd-current@mlmmj.nyi.freebsd.org>; Thu, 28 Nov 2024 12:36:03 +0000 (UTC)
	(envelope-from rb@gid.co.uk)
Received: from gid2.gid.co.uk (ns0.gid.co.uk [IPv6:2001:470:94de::240])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(Client CN "gid2.gid.co.uk", Issuer "gid2.gid.co.uk" (not verified))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4XzbQB2Gfnz4fdv
	for <freebsd-current@FreeBSD.org>; Thu, 28 Nov 2024 12:36:02 +0000 (UTC)
	(envelope-from rb@gid.co.uk)
Authentication-Results: mx1.freebsd.org;
	dkim=none;
	spf=pass (mx1.freebsd.org: domain of rb@gid.co.uk designates 2001:470:94de::240 as permitted sender) smtp.mailfrom=rb@gid.co.uk;
	dmarc=pass (policy=none) header.from=gid.co.uk
Received: from mx0.gid.co.uk (mx0.gid.co.uk [194.32.164.250])
	by gid2.gid.co.uk (8.15.2/8.15.2) with ESMTP id 4ASCZtai029570;
	Thu, 28 Nov 2024 12:35:55 GMT
	(envelope-from rb@gid.co.uk)
Received: from smtpclient.apple ([89.248.30.154])
	by mx0.gid.co.uk (8.14.2/8.14.2) with ESMTP id 4ASCZoWj007414;
	Thu, 28 Nov 2024 12:35:50 GMT
	(envelope-from rb@gid.co.uk)
Content-Type: text/plain;
	charset=us-ascii
List-Id: Discussions about the use of FreeBSD-current <freebsd-current.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-current
List-Help: <mailto:freebsd-current+help@freebsd.org>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Subscribe: <mailto:freebsd-current+subscribe@freebsd.org>
List-Unsubscribe: <mailto:freebsd-current+unsubscribe@freebsd.org>
Sender: owner-freebsd-current@FreeBSD.org
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3776.700.51\))
Subject: Re: RFC: fixing PR#282995
From: Bob Bishop <rb@gid.co.uk>
In-Reply-To: <CAM5tNy4YHAPUgZddok1U3Oz3vFB26-FC5M6Ocwx7bZhWm+UX4Q@mail.gmail.com>
Date: Thu, 28 Nov 2024 12:35:40 +0000
Cc: FreeBSD CURRENT <freebsd-current@FreeBSD.org>,
        Michael Proto <mike@jellydonut.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <F949CCDA-D424-4F83-9A0A-EE8ED7C54A10@gid.co.uk>
References: <CAM5tNy4YHAPUgZddok1U3Oz3vFB26-FC5M6Ocwx7bZhWm+UX4Q@mail.gmail.com>
To: Rick Macklem <rick.macklem@gmail.com>
X-Mailer: Apple Mail (2.3776.700.51)
X-Spamd-Result: default: False [-3.80 / 15.00];
	NEURAL_HAM_LONG(-1.00)[-1.000];
	NEURAL_HAM_MEDIUM(-1.00)[-1.000];
	NEURAL_HAM_SHORT(-1.00)[-0.997];
	DMARC_POLICY_ALLOW(-0.50)[gid.co.uk,none];
	R_SPF_ALLOW(-0.20)[+mx];
	MIME_GOOD(-0.10)[text/plain];
	APPLE_MAILER_COMMON(0.00)[];
	ARC_NA(0.00)[];
	FREEMAIL_TO(0.00)[gmail.com];
	ASN(0.00)[asn:6939, ipnet:2001:470::/32, country:US];
	TAGGED_RCPT(0.00)[];
	MID_RHS_MATCH_FROM(0.00)[];
	R_DKIM_NA(0.00)[];
	MLMMJ_DEST(0.00)[freebsd-current@FreeBSD.org];
	FROM_EQ_ENVFROM(0.00)[];
	FROM_HAS_DN(0.00)[];
	MIME_TRACE(0.00)[0:+];
	RCVD_COUNT_TWO(0.00)[2];
	TO_DN_ALL(0.00)[];
	TO_MATCH_ENVRCPT_SOME(0.00)[];
	RCVD_TLS_LAST(0.00)[];
	RCPT_COUNT_THREE(0.00)[3]
X-Rspamd-Queue-Id: 4XzbQB2Gfnz4fdv
X-Spamd-Bar: ---

Hi,

> On 27 Nov 2024, at 21:56, Rick Macklem <rick.macklem@gmail.com> wrote:
>=20
> Hi,
>=20
> PR#282995 reports that the "-alldirs" export option is broken,
> since it allows an export where the directory path is not a mount =
point.
>=20
> I'll admit I did not recall this semantic for -alldirs and I now see =
it is only
> documented in the "Examples" section of exports(5).
>=20
> Looking at the code, it appears this was broken between releng1 and
> releng2.0 (about 30years ago) when the call to mount(2) in mountd.c
> was changed from using the path in the exports line to using =
f_mntonname.
> (The check for "it is a mount point" depended on mount(2) failing =
because
> the path was not a mount point.)
>=20
> I do believe the semantic is a useful one,

Why?

> although making it that way
> after 30years might be construed as a POLA violation?
>=20
> So, what do others think I should do with this?
> (A) - Patch mountd to enforce the "must be a mount point when -alldirs
>        is specified, plus update exports(5) to state this semantic =
clearly.
> or
> (B) - Patch mountd so that it enforces "must be a mount point when =
-alldirs
>        is specified, but only enabled via a new mountd command line =
option.
>        --> ie. Leave the default as not enforced, but allow =
enforcement based
>                  on a new mountd option.
>             - Document this in both exports(5) and mountd(8).
> or
> ???

(C) - Patch mountd so that it enforces "must be a mount point when =
-alldirs
       is specified, but provide a new mountd command line option to =
restore the old behaviour.
       --> ie. Default as enforced, but allow an override based  on a =
new mountd option.
            - Document this in both exports(5) and mountd(8).

I think that (A) is too POLA-unfriendly.

> Thanks in advance for your comments, rick
>=20

--
Bob Bishop
rb@gid.co.uk