Date: Sun, 6 Oct 2002 15:30:04 -0700 (PDT) From: Serge van den Boom <svdb@stack.nl> To: freebsd-bugs@FreeBSD.org Subject: Re: kern/39329 '..' at mountpoint is subject to the permissions of the shadowed dir Message-ID: <200210062230.g96MU4XW088659@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR kern/39329; it has been noted by GNATS.
From: Serge van den Boom <svdb@stack.nl>
To: Lyndon Nerenberg <lyndon@orthanc.ab.ca>
Cc: freebsd-gnats-submit@freebsd.org
Subject: Re: kern/39329 '..' at mountpoint is subject to the permissions
of the shadowed dir
Date: Mon, 7 Oct 2002 00:24:00 +0200 (CEST)
On Sun, 6 Oct 2002, Lyndon Nerenberg wrote:
> While this behaviour is non-intuitive, it has existed in UNIX going back
> to at least 1984. I've seen it in BSD and SVR[0123] systems, and I
> suspect the kernel has behaved this way since the beginning. Because of
> this legacy I don't think this can be called a bug, and therefore this
> PR should be closed.
>
> It might be worth adding a note to mount(2), though.
If things would never be changed because "they always behaved this way",
nothing would ever change. A historical bug is still a bug.
That being said, whether this is or is not a bug is still a matter of what
is defined as the "correct behavior". Unless there has somewhere in the
past been made some concious decision in either direction, I would think
there is still room for discussion.
My arguments in favour of considering this as incorrect behaviour:
- It is inconsistent. You access everything else in the dir by the permissions
of the mounted dir, while '..' is accessed by the permissions of the
mountpoint.
- It is counter-intuitive.
Together with the previous point, this is probably the reason I thought
it was a bug in the first place.
- It's very unlikely changing this behaviour will break anything.
After all, only '..' is effected, and generally accessing '..' would only
be possible in more cases now. This isn't a security risk either, as you
can in the currect situation always address the dir as an absolute path
in the cases you could read '..' after the change.
- If you want to change the permissions of '..' as it is now, you would
need to unmount and remount the device.
I don't think the issue is very important as the "feature" is easilly
worked around once you know it's there. But I consider it wrong nonetheless.
I'll gladly hear what you decide.
Greetings,
Serge
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200210062230.g96MU4XW088659>