Date: Thu, 20 Jun 2002 13:18:53 +0200 From: Martin Faxer <gmh003532@brfmasthugget.se> To: Poul-Henning Kamp <phk@critter.freebsd.dk> Cc: freebsd-fs@FreeBSD.ORG Subject: Re: a bunch of questions Message-ID: <20020620111853.GA638@lockdown.spectrum.fearmuffs.net> In-Reply-To: <12747.1024498936@critter.freebsd.dk> References: <20020619144111.GA1352@lockdown.spectrum.fearmuffs.net> <12747.1024498936@critter.freebsd.dk>
next in thread | previous in thread | raw e-mail | index | archive | help
On 2002.06.19 17:02:16 +0000, Poul-Henning Kamp wrote: > In message <20020619144111.GA1352@lockdown.spectrum.fearmuffs.net>, Martin Faxe > r writes: > > > >1) why is it preferred to do the permissions checking in the > > actual file system specific code instead of vfs_[n]mount()? > > Because not all filesystems need or indeed want the same > permissions checks. > > Some filesystems don't even have a device (DEVFS, procfs, unionfs etc) very true. sorry for not using my brain :) > >2) in the statfs() code the f_fsid is zeroed out in the !superuser > > case. after some searching and cross-checking with OpenBSD i'm > > lead to believe that this is because of a potential NFS insecurity > > if any user is able to see the f_fsid. does anybody know more > > about this ? can a check be added like: > > I belive it is because of the NFS. yes. looks like it's some NFS issue indeed. i wonder if a check that only enabled the f_fsid clearing in the !NFS case would be desired (like the one i described in the original e-mail.) by the way, another issue that i didn't address in my original e-mail that i've thought a little bit about is the f_type member that is returned by struct statfs. it would appear to me as if the f_type member is assigned (at least in the ufs/ffs code) to be vfc_typenum in ffs_statfs(). vfc_typenum is assigned in vfs_register() like this: vfc->vfc_typenum = maxvfsconf++; thus, it looks like f_type is actually a pretty random value, depending on in which order the different file systems get loaded. a friend on irc said that on an old Ultrix system it was actually assigned to mean something, and there was a "reverse lookup" table for mapping f_type to a string with the file system name. i wonder why this was dropped, as it seems to be pretty useless now. (although f_fstypename probably delivers the same functionality it's always nice to be able to check what file system it is without doing a strcmp().) thanks for your answers! To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-fs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020620111853.GA638>