From nobody Mon May 25 18:12:21 2026 X-Original-To: bugs@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gPP9d3QFQz6fgvw for ; Mon, 25 May 2026 18:12:21 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gPP9d2t3Jz4HHf for ; Mon, 25 May 2026 18:12:21 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1779732741; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=uG3m+5TsOqLnJX8Z5/ASKY7l8liB2bfv5hTjp/1ykbY=; b=fnjQwUVX8ynqy5bm1WsOFZo7DD7lVQHqsdlnVaMRgIhoiHuTIxaomL8VOXempYMD3MA2zB pZyBO87+/N+fD5DjEQz901Y+DOtC1hgSgY537L7MTmxbbJuYPVvU734ZeLXGGjHLgjt0cZ QjkAJ5mgL9fWQDUCMM2F8Br7K0O9hk4PPR/5FXESK1vypIuWwUt6kBD709q6iyqI7cvOzK jbOKPv1qG+y5YtJRMu+qmfTcGDyz1BBSl7D6LswJwPExMAXMXA/htqS/iEfqhVgHYVBdFP WDGAw9dFETqtDTInBcqmL+sPQTWvqau0/eXny2jmIHeZMefQf3jmUjBOmze0gg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1779732741; a=rsa-sha256; cv=none; b=ID8tP686PqxoKqtBRYiQG2xXDQbOmt+pqsGWFFbY+Alb2WbDN/EmLMqy8InRgnPkXFsiM6 3RFuNRLvx/MG+nfxDyNBJjsnq4ZzIInpv7XWHhHsts+HNsnFBPgTiGAJXUIquD9fCAdTcS V30eYYcQhBUvpktJLf0bb9/Xe7wsPV76Q6OmgkwbpgTXfmRnbRhY5GhCKxdwsGzjW7m7/Y Qz4IPBSnrsrcC5VFzvCH2Q0s02r7mXYe9zirQNLNmbZEe4QDs/1snIOcxMi4QCglaHWJjw MtbSkitGTyfZGFdLBHMN4hjABf4U9gCjYIbNJ016qLvZNz1zfJutd1JTl2VGuw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1779732741; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=uG3m+5TsOqLnJX8Z5/ASKY7l8liB2bfv5hTjp/1ykbY=; b=R1MH1IS2KTyFl3UFhvh8lXxl6xnlhqA6Prge7ZCpooRIz78K3b3iyCCArInk3OiECfY6c0 MepIo599rlfy64yPJO7BHmGbmpgBmy7YmZ1wNNHWO0uPfoL5Mvp6x81sPHr+DvlY/3kDhL 2JrfE+G7XQtywuFwOIywYCcV7OoEJ++bBhHvgZ38CqHUNZ1enLRkY+ui24W746Lxcrq3Pm RJ53zwGuVixatbIANQx1WcpxNX4igRj9fYJlgELqFR0fYRFOTlmuM5HgUVdngFTmKCXXJj CJFFP2n2+HXCg/PVRoZHyhUcZ9f5kQ9+zL0cFYJwj5EU9/iYEekDGiwLFUSDQQ== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4gPP9d2T0jzsnp for ; Mon, 25 May 2026 18:12:21 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 64PICLPA085012 for ; Mon, 25 May 2026 18:12:21 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 64PICLej085011 for bugs@FreeBSD.org; Mon, 25 May 2026 18:12:21 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 295583] The ZFS /home dataset allows devices and setuid binaries Date: Mon, 25 May 2026 18:12:21 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: new X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: conf X-Bugzilla-Version: CURRENT X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: rbranco@suse.com X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: bugs@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: bug_id short_desc product version rep_platform op_sys bug_status bug_severity priority component assigned_to reporter Message-ID: Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="UTF-8" X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Bug reports List-Archive: https://lists.freebsd.org/archives/freebsd-bugs List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-bugs@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D295583 Bug ID: 295583 Summary: The ZFS /home dataset allows devices and setuid binaries Product: Base System Version: CURRENT Hardware: Any OS: Any Status: New Severity: Affects Only Me Priority: --- Component: conf Assignee: bugs@FreeBSD.org Reporter: rbranco@suse.com To reproduce: $ zfs get setuid,devices zroot/home NAME PROPERTY VALUE SOURCE zroot/home setuid on default zroot/home devices on default Fix: $ doas zfs set devices=3Doff zroot/home $ doas zfs set setuid=3Doff zroot/home --=20 You are receiving this mail because: You are the assignee for the bug.=