Date: Fri, 15 May 2020 11:58:30 -0500
From: Kyle Evans <kevans@freebsd.org>
To: "freebsd-arch@freebsd.org" <freebsd-arch@freebsd.org>
Cc: "Rodney W. Grimes" <rgrimes@freebsd.org>, Poul-Henning Kamp <phk@phk.freebsd.dk>
Subject: Re: [HEADSUP] Disallowing read() of a directory fd
Message-ID: <CACNAnaFE6gzyvwc8kbrX8Oq-h_acVq7wqgQ1P=a3jNpFBGshGw@mail.gmail.com>
In-Reply-To: <CACNAnaFszg%2BQWPRS0kghsnQMxXc%2B5niPTTNiUPSmK60YyBGCzA@mail.gmail.com>
References: <CACNAnaFszg%2BQWPRS0kghsnQMxXc%2B5niPTTNiUPSmK60YyBGCzA@mail.gmail.com>

On Thu, May 14, 2020 at 1:26 PM Kyle Evans <kevans@freebsd.org> wrote:
>
> Hi,
>
> This is a heads up, given that I'm completely flipping our historical
> behavior- I intend to commit this review in a couple days' time
> without substantial objection: https://reviews.freebsd.org/D24596
>

Note that the review has been updated to reflect feedback received
through the course of this discussion. The current version, as of the
time of writing, instead adds a security.bsd.allow_read_dir
(defaulting to off) that will allow the system root (*not* jailed
root) the ability to read(2) a directory if the filesystem supports
it. A new priv(9), PRIV_VFS_READ_DIR has been added so that anyone
interested in expanding the scope of the sysctl beyond the system root
is welcome to implement a MAC policy for it.

rgrimes@ and phk@ have been specifically invited to the review as
representatives of those opposing the original change, but of course
anyone is free to add themselves and/or simply chime in with
constructive objections.

Thanks,

Kyle Evans
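
An added example, not part of the message above and not code from the FreeBSD review: a userland probe that records what read(2) does on a directory fd and then enumerates the same fd through readdir(3), the interface that works whichever way security.bsd.allow_read_dir is set. The names `struct dir_probe` and `probe_dir` are hypothetical.

```c
#define _POSIX_C_SOURCE 200809L
#include <dirent.h>
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Outcome of probing one directory (hypothetical helper type). */
struct dir_probe {
    int  raw_errno;  /* errno from open(2)/read(2); 0 if read(2) succeeded */
    long raw_bytes;  /* bytes read(2) returned when it was permitted */
    int  entries;    /* entries seen via readdir(3), -1 if unavailable */
};

static struct dir_probe probe_dir(const char *path)
{
    struct dir_probe r = { 0, 0, -1 };
    char buf[512];
    int fd = open(path, O_RDONLY | O_DIRECTORY);
    if (fd < 0) { r.raw_errno = errno; return r; }

    /* Raw read: expected to fail with EISDIR unless the kernel permits it. */
    ssize_t n = read(fd, buf, sizeof(buf));
    if (n < 0) r.raw_errno = errno; else r.raw_bytes = (long)n;

    /* Portable path: hand the fd to the directory stream API. */
    DIR *d = fdopendir(fd);
    if (d == NULL) { close(fd); return r; }
    rewinddir(d);  /* a successful raw read may have moved the offset */
    r.entries = 0;
    while (readdir(d) != NULL) r.entries++;
    closedir(d);   /* also closes fd */
    return r;
}

int main(void)
{
    struct dir_probe r = probe_dir(".");
    if (r.raw_errno == EISDIR)
        printf("read(2) on directory refused (EISDIR)\n");
    else if (r.raw_errno == 0)
        printf("read(2) on directory returned %ld raw bytes\n", r.raw_bytes);
    else
        printf("read(2)/open(2) failed, errno %d\n", r.raw_errno);
    printf("readdir(3) saw %d entries\n", r.entries);
    return 0;
}
```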