Date: Mon, 20 Jun 2011 21:16:49 +0200 From: Patrick Proniewski <patrick.proniewski@univ-lyon2.fr> To: FreeBSD Filesystems <freebsd-fs@freebsd.org> Subject: Re: ZFS, noexec and snapshots Message-ID: <16735164.54848.1308597423064.JavaMail.root@co4> In-Reply-To: <43CFBAB7-9383-4D18-A2FF-061766637CE7@univ-lyon2.fr> References: <43CFBAB7-9383-4D18-A2FF-061766637CE7@univ-lyon2.fr>
next in thread | previous in thread | raw e-mail | index | archive | help
Hello, Following Micheal's reply, I realise my english is not as clear as I wish := ) > On 19/06/2011 10:03, Patrick Proniewski wrote: >>=20 >> Every ZFS volume is made with noexec, but I've just find out that the au= tomount of .zfs/snapshot/* is not made with the noexec option. >>=20 >=20 > Just two days ago I was wondering why some of my snapshots are not=20 > visible in .zfs/snapshot/ after setting snapdir=3Dvisible. All of given= =20 > datasets have the noexec property set on. > I guess that is the answer then. >=20 > Michael What I intended to say is: Automount of .zfs/snapshot/* works, but snapshots are mounted without the o= ption "noexec", despite the fact that the property should be inherited from= parents (i think). Well, if you rely on "noexec" as a security feature, just don't use snapsho= ts, because it looks like snapshots are always mounted with "exec =3D on" Patrick PRONIEWSKI --=20 Administrateur Syst=E8me - DSI - Universit=E9 Lumi=E8re Lyon 2
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?16735164.54848.1308597423064.JavaMail.root>