kern/60149: Unmount operation is permitted inside jail.

Uwe Doering gemini at geminix.org
Fri Dec 12 08:30:19 PST 2003


The following reply was made to PR kern/60149; it has been noted by GNATS.

From: Uwe Doering <gemini at geminix.org>
To: FreeBSD-gnats-submit at FreeBSD.org
Cc:  
Subject: Re: kern/60149: Unmount operation is permitted inside jail.
Date: Fri, 12 Dec 2003 17:20:09 +0100

 
 Pawel Jakub Dawidek wrote:
 >>Fix:
 > [...]
 > 	And this one against FreeBSD 4.8 (not tested):
 > [...]
 
 I suggest using the attached patch, at least for 4.x.  It is tested and 
 more in line with mount()'s permission checking semantics.  Or in case 
 this approach (relying on 'vfs.usermount') is considered insufficient 
 for jails, mount() should be fixed as well.
 
     Uwe
 -- 
 Uwe Doering         |  EscapeBox - Managed On-Demand UNIX Servers
 gemini at geminix.org  |  http://www.escapebox.net
 
 
 --- src/sys/kern/vfs_syscalls.c.orig	Sun Jan 26 11:33:05 2003
 +++ src/sys/kern/vfs_syscalls.c	Fri Dec 12 11:51:46 2003
 @@ -444,7 +444,7 @@
  	 * Only root, or the user that did the original mount is
  	 * permitted to unmount this filesystem.
  	 */
 -	if ((mp->mnt_stat.f_owner != p->p_ucred->cr_uid) &&
 +	if ((usermount == 0 || mp->mnt_stat.f_owner != p->p_ucred->cr_uid) &&
  	    (error = suser(p))) {
  		vput(vp);
  		return (error);
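
Review bot: In the rewritten condition on the `+` line, a caller whose cr_uid equals mp->mnt_stat.f_owner still skips suser(p) whenever usermount is nonzero, and nothing in these lines looks at whether the caller is jailed, so the behaviour reported in the PR would remain on hosts that set vfs.usermount to 1. Either add an explicit jail check ahead of the owner comparison, or state in the commit message that the fix depends on vfs.usermount being 0 on machines that run jails. The comment above the condition ("Only root, or the user that did the original mount is permitted to unmount this filesystem") also needs updating, since the owner exemption now applies only when usermount is set.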
 
 

