From owner-freebsd-fs Thu Jun 20 4:19:18 2002
Date: Thu, 20 Jun 2002 13:18:53 +0200
From: Martin Faxer
To: Poul-Henning Kamp
Cc: freebsd-fs@FreeBSD.ORG
Subject: Re: a bunch of questions
Message-ID: <20020620111853.GA638@lockdown.spectrum.fearmuffs.net>
References: <20020619144111.GA1352@lockdown.spectrum.fearmuffs.net> <12747.1024498936@critter.freebsd.dk>
In-Reply-To: <12747.1024498936@critter.freebsd.dk>

On 2002.06.19 17:02:16 +0000, Poul-Henning Kamp wrote:
> In message <20020619144111.GA1352@lockdown.spectrum.fearmuffs.net>, Martin Faxer writes:
> >
> >1) why is it preferred to do the permissions checking in the
> >   actual file system specific code instead of vfs_[n]mount()?
>
> Because not all filesystems need or indeed want the same
> permissions checks.
>
> Some filesystems don't even have a device (DEVFS, procfs, unionfs etc)

very true.
sorry for not using my brain :)

> >2) in the statfs() code the f_fsid is zeroed out in the !superuser
> >   case. after some searching and cross-checking with OpenBSD i'm
> >   led to believe that this is because of a potential NFS insecurity
> >   if any user is able to see the f_fsid. does anybody know more
> >   about this? can a check be added like:
>
> I believe it is because of the NFS.

yes. looks like it's some NFS issue indeed. i wonder if a check that
only enabled the f_fsid clearing in the !NFS case would be desired
(like the one i described in the original e-mail.)

by the way, another issue that i didn't address in my original e-mail
that i've thought a little bit about is the f_type member that is
returned by struct statfs. it would appear to me as if the f_type
member is assigned (at least in the ufs/ffs code) to be vfc_typenum
in ffs_statfs(). vfc_typenum is assigned in vfs_register() like this:

    vfc->vfc_typenum = maxvfsconf++;

thus, it looks like f_type is actually a pretty random value, depending
on in which order the different file systems get loaded. a friend on
irc said that on an old Ultrix system it was actually assigned to mean
something, and there was a "reverse lookup" table for mapping f_type to
a string with the file system name. i wonder why this was dropped, as
it seems to be pretty useless now. (although f_fstypename probably
delivers the same functionality it's always nice to be able to check
what file system it is without doing a strcmp().)

thanks for your answers!
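
The load-order dependence of f_type described in the message above, as an added example that is not part of the original message and not FreeBSD source: a small C model of the quoted counter assignment, showing why code should match on the file system name rather than a hardcoded type number. The names vfsconf_model, vfs_table, load_in_order and typenum_of, the counter starting at 0, and the two load orders are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Constructed model, not FreeBSD source. Only the counter assignment
 * (vfc_typenum = maxvfsconf++) comes from the message; starting the
 * counter at 0 and the table layout are assumptions. */
#define MAXVFS 8

struct vfsconf_model {
    char vfc_name[16];
    int  vfc_typenum;
};

struct vfs_table {
    struct vfsconf_model conf[MAXVFS];
    int maxvfsconf;                     /* next type number to hand out */
};

/* Register file systems in the given order; each takes the next number. */
static void load_in_order(struct vfs_table *t, const char *const *names, int n)
{
    memset(t, 0, sizeof(*t));
    for (int i = 0; i < n && t->maxvfsconf < MAXVFS; i++) {
        struct vfsconf_model *vfc = &t->conf[t->maxvfsconf];
        snprintf(vfc->vfc_name, sizeof(vfc->vfc_name), "%s", names[i]);
        vfc->vfc_typenum = t->maxvfsconf++;
    }
}

/* The number this model would report as f_type for a name, or -1. */
static int typenum_of(const struct vfs_table *t, const char *name)
{
    for (int i = 0; i < t->maxvfsconf; i++)
        if (strcmp(t->conf[i].vfc_name, name) == 0)
            return t->conf[i].vfc_typenum;
    return -1;
}

int main(void)
{
    const char *a[] = { "ufs", "nfs", "procfs" };   /* constructed load orders */
    const char *b[] = { "procfs", "nfs", "ufs" };
    struct vfs_table ta, tb;
    load_in_order(&ta, a, 3);
    load_in_order(&tb, b, 3);
    printf("ufs f_type: %d vs %d\n", typenum_of(&ta, "ufs"), typenum_of(&tb, "ufs"));
    return 0;
}
```

A policy or audit check keyed on a fixed numeric type would match ufs under the first order and procfs under the second, while a comparison against the name gives the same answer in both.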