From owner-freebsd-fs@freebsd.org  Sat Jul 29 07:35:04 2017
Return-Path: <owner-freebsd-fs@freebsd.org>
Delivered-To: freebsd-fs@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id A7000DBCE49
 for <freebsd-fs@mailman.ysv.freebsd.org>; Sat, 29 Jul 2017 07:35:04 +0000 (UTC)
 (envelope-from phk@phk.freebsd.dk)
Received: from phk.freebsd.dk (phk.freebsd.dk [130.225.244.222])
 by mx1.freebsd.org (Postfix) with ESMTP id 627B3341A;
 Sat, 29 Jul 2017 07:35:04 +0000 (UTC)
 (envelope-from phk@phk.freebsd.dk)
Received: from critter.freebsd.dk (unknown [192.168.55.3])
 by phk.freebsd.dk (Postfix) with ESMTP id 44D6027392;
 Sat, 29 Jul 2017 07:28:19 +0000 (UTC)
Received: from critter.freebsd.dk (localhost [127.0.0.1])
 by critter.freebsd.dk (8.15.2/8.15.2) with ESMTP id v6T7S3Z3064646;
 Sat, 29 Jul 2017 07:28:03 GMT (envelope-from phk@phk.freebsd.dk)
To: bugzilla-noreply@freebsd.org
cc: freebsd-fs@FreeBSD.org
Subject: Re: [Bug 221064] zfs should not be able to shadow mount on root
 directory from userspace
In-reply-to: <bug-221064-3630-CUGgC70s9s@https.bugs.freebsd.org/bugzilla/>
From: "Poul-Henning Kamp" <phk@phk.freebsd.dk>
References: <bug-221064-3630@https.bugs.freebsd.org/bugzilla/>
 <bug-221064-3630-CUGgC70s9s@https.bugs.freebsd.org/bugzilla/>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-ID: <64644.1501313283.1@critter.freebsd.dk>
Content-Transfer-Encoding: quoted-printable
Date: Sat, 29 Jul 2017 07:28:03 +0000
Message-ID: <64645.1501313283@critter.freebsd.dk>
X-BeenThere: freebsd-fs@freebsd.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: Filesystems <freebsd-fs.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-fs>,
 <mailto:freebsd-fs-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-fs/>
List-Post: <mailto:freebsd-fs@freebsd.org>
List-Help: <mailto:freebsd-fs-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-fs>,
 <mailto:freebsd-fs-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 29 Jul 2017 07:35:04 -0000

--------
In message <bug-221064-3630-CUGgC70s9s@https.bugs.freebsd.org/bugzilla/>, =
bugzi
lla-noreply@freebsd.org writes:

>I personally think that allowing to mount over / is more dangerous than u=
seful.

Quite the contrary, it is far more useful than dangerous:  It is not
uncommon for embedded systems to boot with a absolutely minimal root
filesystem compiled into the kernel, and /sbin/init in that filesystem
will mount the "real" root over / and exec the "real" /sbin/init.

-- =

Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe    =

Never attribute to malice what can adequately be explained by incompetence=
.