Date: Fri, 12 Dec 2003 08:30:18 -0800 (PST) From: Uwe Doering <gemini@geminix.org> To: freebsd-bugs@FreeBSD.org Subject: Re: kern/60149: Unmount operation is permitted inside jail. Message-ID: <200312121630.hBCGUI1t075398@freefall.freebsd.org>
index | next in thread | raw e-mail
The following reply was made to PR kern/60149; it has been noted by GNATS.
From: Uwe Doering <gemini@geminix.org>
To: FreeBSD-gnats-submit@FreeBSD.org
Cc:
Subject: Re: kern/60149: Unmount operation is permitted inside jail.
Date: Fri, 12 Dec 2003 17:20:09 +0100
This is a multi-part message in MIME format.
--------------050401040700010009000500
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
Pawel Jakub Dawidek wrote:
>>Fix:
> [...]
> And this one against FreeBSD 4.8 (not tested):
> [...]
I suggest to use the attached patch, at least for 4.x. It is tested and
more in line with mount()'s permission checking semantics. Or in case
this approach (relying on 'vfs.usermount') is considered insufficient
for jails, mount() should be fixed as well.
Uwe
--
Uwe Doering | EscapeBox - Managed On-Demand UNIX Servers
gemini@geminix.org | http://www.escapebox.net
--------------050401040700010009000500
Content-Type: text/plain;
name="vfs_syscalls.c.diff"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline;
filename="vfs_syscalls.c.diff"
--- src/sys/kern/vfs_syscalls.c.orig Sun Jan 26 11:33:05 2003
+++ src/sys/kern/vfs_syscalls.c Fri Dec 12 11:51:46 2003
@@ -444,7 +444,7 @@
* Only root, or the user that did the original mount is
* permitted to unmount this filesystem.
*/
- if ((mp->mnt_stat.f_owner != p->p_ucred->cr_uid) &&
+ if ((usermount == 0 || mp->mnt_stat.f_owner != p->p_ucred->cr_uid) &&
(error = suser(p))) {
vput(vp);
return (error);
--------------050401040700010009000500--
help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200312121630.hBCGUI1t075398>