Date: Fri, 06 Feb 2026 12:09:27 +0000
From: bugzilla-noreply@freebsd.org
To: bugs@FreeBSD.org
Subject: [Bug 293001] Granting the privilege to read(2) directories to non-root users
Message-ID: <bug-293001-227@https.bugs.freebsd.org/bugzilla/>

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=293001

Bug ID: 293001
Summary: Granting the privilege to read(2) directories to non-root users
Product: Base System
Version: CURRENT
Hardware: Any
OS: Any
Status: New
Severity: Affects Only Me
Priority: ---
Component: kern
Assignee: bugs@FreeBSD.org
Reporter: whr@rivoreo.one

As demonstrated in bug #275099, at least in the case of FUSE, direct read(2)ing of directories can sometimes be useful; a FUSE-based file system implementation may actually provide useful data for read(2)ing from a directory node.

In the current kernel, the ability to read(2) directories is reserved for processes with PRIV_VFS_READ_DIR privilege, even when security.bsd.allow_read_dir is set to 1.

I want to propose a few ideas to deal with this situation:

* Allow unprivileged users to read(2) directories if security.bsd.allow_read_dir is set to 2 or higher.
* Make an exception for fusefs(4) so unprivileged users may read(2) directories in fusefs(4), as long as security.bsd.allow_read_dir says so.
* Introduce a KLD module to grant selected or all users the PRIV_VFS_READ_DIR privilege.

--
You are receiving this mail because:
You are the assignee for the bug.
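
The restriction described in the report can be checked from userland. The following is an added example, not part of the original message and not FreeBSD project code: it prints the effective UID and the security.bsd.allow_read_dir value next to the outcome of a raw read(2) on a directory. The names probe_dir_read and allow_read_dir_sysctl are hypothetical, and the sysctl lookup is compiled only on FreeBSD.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <unistd.h>
#ifdef __FreeBSD__
#include <sys/sysctl.h>
#endif

enum dir_read { DIR_READ_ALLOWED, DIR_READ_DENIED, DIR_READ_ERROR, DIR_NOT_OPENED };

/* Open path, confirm it is a directory, and attempt a raw read(2) on it. */
enum dir_read probe_dir_read(const char *path)
{
    char buf[512];
    struct stat st;
    int fd = open(path, O_RDONLY);
    if (fd < 0)
        return DIR_NOT_OPENED;
    if (fstat(fd, &st) != 0 || !S_ISDIR(st.st_mode)) {
        close(fd);
        return DIR_NOT_OPENED;
    }
    ssize_t n = read(fd, buf, sizeof(buf));
    int saved = errno;              /* close(2) may overwrite errno */
    close(fd);
    if (n >= 0)
        return DIR_READ_ALLOWED;
    /* EISDIR is the error read(2) reports for a directory it refuses to read */
    return saved == EISDIR ? DIR_READ_DENIED : DIR_READ_ERROR;
}

/* Value of security.bsd.allow_read_dir, or -1 where it cannot be read. */
int allow_read_dir_sysctl(void)
{
#ifdef __FreeBSD__
    int v;
    size_t len = sizeof(v);
    if (sysctlbyname("security.bsd.allow_read_dir", &v, &len, NULL, 0) == 0)
        return v;
#endif
    return -1;
}

int main(int argc, char **argv)
{
    static const char *names[] = { "allowed", "denied (EISDIR)", "error", "not opened" };
    const char *path = argc > 1 ? argv[1] : ".";
    printf("euid=%d security.bsd.allow_read_dir=%d read(2) on %s: %s\n",
           (int)geteuid(), allow_read_dir_sysctl(), path, names[probe_dir_read(path)]);
    return 0;
}
```

Run it once as root and once as an unprivileged user against the same directory to compare the outcome with the sysctl value.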
