Date: Sun, 19 Feb 2006 16:01:53 +0300 (MSK) From: Dmitry Morozovsky <marck@rinet.ru> To: Yar Tikhiy <yar@comp.chem.msu.su> Cc: freebsd-stable@freebsd.org, James Wyatt <jwyatt@RWSystems.net> Subject: Re: RELENG_6 weird '..' permission troubles Message-ID: <20060219154950.K69186@woozle.rinet.ru> In-Reply-To: <20060219105852.GC20500@comp.chem.msu.su> References: <20060216161726.M91053@woozle.rinet.ru> <20060216074912.K18952@extra.rwsystems.net> <20060216165612.M91053@woozle.rinet.ru> <20060219105852.GC20500@comp.chem.msu.su>
index | next in thread | previous in thread | raw e-mail
[-- Attachment #1 --] On Sun, 19 Feb 2006, Yar Tikhiy wrote: YT> On Thu, Feb 16, 2006 at 04:57:57PM +0300, Dmitry Morozovsky wrote: YT> > On Thu, 16 Feb 2006, James Wyatt wrote: YT> > YT> > JW> I've seen something very similar when the permissions of the mount point's YT> > JW> underlieing subdirectory wasn't 777. Really strange to see, but it was a YT> > JW> fallout from a company-wide change to make umask and directory permissions YT> > JW> that wasn't quite implemented correctly. Hope this helps - Jy@ YT> > YT> > Exactly, see my other followup. YT> > YT> > I suppose 0777 is bad choice because if for some reason file system would not YT> > mount, anyone can fill up this directory. 0111 or 0555 or standard 0755 would YT> > be safe though. YT> YT> This looks like a file-a-PR case if you are sure you didn't overlook YT> anything. To the best of my knowledge, the underlying mount point YT> permissions should affect nothing since the FS was mounted. But YT> you didn't show us output from "ls -la /" so please judge by yourself. I can't show you exact output of ls -la / before other FS mount because of headlessness (nor serial console) of machine in question. However, there was one file system which I could unmount without dropping to single user, and I *did* see underlying directory mode of 0750. What should I file? Test case? It's rather simple (attached). Sincerely, D.Marck [DM5020, MCK-RIPE, DM3-RIPN] ------------------------------------------------------------------------ *** Dmitry Morozovsky --- D.Marck --- Wild Woozle --- marck@rinet.ru *** ------------------------------------------------------------------------ [-- Attachment #2 --] Script started on Sun Feb 19 15:59:12 2006 root@woozle:/var/tmp# unalias ls root@woozle:/var/tmp# cd /var/tmp root@woozle:/var/tmp# dd if=/dev/zero of=image1.img bs=1m count=4 4+0 records in 4+0 records out 4194304 bytes transferred in 0.057493 secs (72953335 bytes/sec) root@woozle:/var/tmp# mdconfig -a -t vnode -f image1.img md1 root@woozle:/var/tmp# newfs /dev/md1 /dev/md1: 4.0MB (8192 sectors) block size 16384, fragment size 2048 using 4 cylinder groups of 1.02MB, 65 blks, 192 inodes. super-block backups (for fsck -b #) at: 160, 2240, 4320, 6400 root@woozle:/var/tmp# mkdir -m 700 mnt root@woozle:/var/tmp# ls -la mnt total 4 drwx------ 2 root wheel 512 Feb 19 16:00 . drwxrwxrwt 8 root wheel 512 Feb 19 16:00 .. root@woozle:/var/tmp# mount /dev/md1 mnt root@woozle:/var/tmp# ls -la mnt total 6 drwxr-xr-x 3 root wheel 512 Feb 19 16:00 . drwxrwxrwt 8 root wheel 512 Feb 19 16:00 .. drwxrwxr-x 2 root operator 512 Feb 19 16:00 .snap root@woozle:/var/tmp# echo '/bin/sh -c "ls -la /var/tmp"' | su -m nobody total 54560 drwxrwxrwt 8 root wheel 512 Feb 19 16:00 . drwxr-xr-x 26 root wheel 512 Feb 16 12:59 .. drwxrwxr-x 2 marck wheel 512 Feb 7 16:21 cd drwx------ 3 marck wheel 512 Feb 14 16:20 gconfd-marck -rw-r--r-- 1 root wheel 4194304 Feb 19 16:00 image1.img -rw-r--r-- 1 root wheel 51579766 Jan 31 18:50 jdk-1.5.0p2_3.tbz drwxr-xr-x 3 root wheel 512 Feb 19 16:00 mnt drwx------ 2 marck wheel 512 Feb 14 22:17 orbit-marck drwxrwxrwt 5 root wheel 512 Jan 26 14:17 texfonts drwxrwxrwt 2 root wheel 512 Jan 31 16:17 vi.recover root@woozle:/var/tmp# echo '/bin/sh -c "ls -la /var/tmp/mnt/"' | su -m nobody ls: ..: Permission denied total 4 drwxr-xr-x 3 root wheel 512 Feb 19 16:00 . drwxrwxr-x 2 root operator 512 Feb 19 16:00 .snap root@woozle:/var/tmp# exit exit Script done on Sun Feb 19 16:00:47 2006help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060219154950.K69186>