Date: Fri, 05 Apr 2019 17:21:48 +0000 From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 237052] [FUSEFS] fusefs allows non-owner access beneath mountpoint even without -o allow_other Message-ID: <bug-237052-227-nFXbw9siLQ@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-237052-227@https.bugs.freebsd.org/bugzilla/> References: <bug-237052-227@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D237052 --- Comment #1 from commit-hook@freebsd.org --- A commit references this bug: Author: asomers Date: Fri Apr 5 17:21:24 UTC 2019 New revision: 345958 URL: https://svnweb.freebsd.org/changeset/base/345958 Log: fusefs: enforce -onoallow_other even beneath the mountpoint When -o allow_other is not in use, fusefs is supposed to prevent access to the filesystem by any user other than the one who owns the daemon. Our fusefs implementation was only enforcing that restriction at the mountpoi= nt itself. That was usually good enough because lookup usually descends from the mountpoint. However, there are cases when it doesn't, such as when using openat relative to a file beneath the mountpoint. PR: 237052 Sponsored by: The FreeBSD Foundation Changes: projects/fuse2/sys/fs/fuse/fuse_internal.c projects/fuse2/tests/sys/fs/fusefs/allow_other.cc --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-237052-227-nFXbw9siLQ>