From owner-freebsd-bugs@FreeBSD.ORG  Fri Dec 12 08:30:19 2003
Return-Path: <owner-freebsd-bugs@FreeBSD.ORG>
Delivered-To: freebsd-bugs@hub.freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 9122216A4CE
	for <freebsd-bugs@hub.freebsd.org>;
	Fri, 12 Dec 2003 08:30:19 -0800 (PST)
Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21])
	by mx1.FreeBSD.org (Postfix) with ESMTP id A77BA43D31
	for <freebsd-bugs@hub.freebsd.org>;
	Fri, 12 Dec 2003 08:30:18 -0800 (PST)
	(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1])
	hBCGUIFR075399	for <freebsd-bugs@freefall.freebsd.org>;
	Fri, 12 Dec 2003 08:30:18 -0800 (PST)
	(envelope-from gnats@freefall.freebsd.org)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.12.10/8.12.10/Submit) id hBCGUI1t075398;
	Fri, 12 Dec 2003 08:30:18 -0800 (PST)
	(envelope-from gnats)
Date: Fri, 12 Dec 2003 08:30:18 -0800 (PST)
Message-Id: <200312121630.hBCGUI1t075398@freefall.freebsd.org>
To: freebsd-bugs@FreeBSD.org
From: Uwe Doering <gemini@geminix.org>
Subject: Re: kern/60149: Unmount operation is permitted inside jail.
X-BeenThere: freebsd-bugs@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
Reply-To: Uwe Doering <gemini@geminix.org>
List-Id: Bug reports <freebsd-bugs.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-bugs>,
	<mailto:freebsd-bugs-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-bugs>
List-Post: <mailto:freebsd-bugs@freebsd.org>
List-Help: <mailto:freebsd-bugs-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-bugs>,
	<mailto:freebsd-bugs-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 12 Dec 2003 16:30:19 -0000

The following reply was made to PR kern/60149; it has been noted by GNATS.

From: Uwe Doering <gemini@geminix.org>
To: FreeBSD-gnats-submit@FreeBSD.org
Cc:  
Subject: Re: kern/60149: Unmount operation is permitted inside jail.
Date: Fri, 12 Dec 2003 17:20:09 +0100

 This is a multi-part message in MIME format.
 --------------050401040700010009000500
 Content-Type: text/plain; charset=us-ascii; format=flowed
 Content-Transfer-Encoding: 7bit
 
 Pawel Jakub Dawidek wrote:
 >>Fix:
 > [...]
 > 	And this one against FreeBSD 4.8 (not tested):
 > [...]
 
 I suggest to use the attached patch, at least for 4.x.  It is tested and 
 more in line with mount()'s permission checking semantics.  Or in case 
 this approach (relying on 'vfs.usermount') is considered insufficient 
 for jails, mount() should be fixed as well.
 
     Uwe
 -- 
 Uwe Doering         |  EscapeBox - Managed On-Demand UNIX Servers
 gemini@geminix.org  |  http://www.escapebox.net
 
 --------------050401040700010009000500
 Content-Type: text/plain;
  name="vfs_syscalls.c.diff"
 Content-Transfer-Encoding: 7bit
 Content-Disposition: inline;
  filename="vfs_syscalls.c.diff"
 
 --- src/sys/kern/vfs_syscalls.c.orig	Sun Jan 26 11:33:05 2003
 +++ src/sys/kern/vfs_syscalls.c	Fri Dec 12 11:51:46 2003
 @@ -444,7 +444,7 @@
  	 * Only root, or the user that did the original mount is
  	 * permitted to unmount this filesystem.
  	 */
 -	if ((mp->mnt_stat.f_owner != p->p_ucred->cr_uid) &&
 +	if ((usermount == 0 || mp->mnt_stat.f_owner != p->p_ucred->cr_uid) &&
  	    (error = suser(p))) {
  		vput(vp);
  		return (error);
 
 --------------050401040700010009000500--