misc/68576: UFS2 snapshot files can be mounted read-write and written to

John Kozubik john at kozubik.com
Thu Jul 1 18:21:41 PDT 2004

>Number:         68576
>Category:       misc
>Synopsis:       UFS2 snapshot files can be mounted read-write and written to
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Fri Jul 02 01:20:18 GMT 2004
>Originator:     John Kozubik
>Release:        FreeBSD 5.2.1-RELEASE
FreeBSD kozubik 5.2.1-RELEASE FreeBSD 5.2.1-RELEASE #0: Mon Feb 23 20:45:55 GMT 2004     root at wv1u.btc.adaptec.com:/usr/obj/usr/src/sys/GENERIC  i386 
Snapshot files are not to be written to in any circumstance.  After mounting the snapshot as per the snapshot documentation, however, one can successfully run `mount -uw` on the mounted snapshot file, thus mounting it read/write.  One can then write new files to the snapshot file and alter existing files in it.
mksnap_ffs / /snap1
mkdir /snapmount
mdconfig -a -t vnode -f /snap1 -u 4
mount -r /dev/md4 /snapmount

So far so good ... now enter the mounted snapshot and attempt to write a

# cd /snapmount/
# touch test
touch: test: Read-only file system

This is the expected behavior.  However:

# pwd
# mount -uw /snapmount
# touch test
# echo sldkfslk >> /snapmount/test
# cat /snapmount/test

This is unexpected.  You can successfully mount the snapshot read/write
and create and write to files in that snapshot.  You can also write to
files that existed in the snapshot prior to mounting it read/write.
A workaround would be to not mount snapshot files read/write.  A more robust workaround would be to add an exception to `mount` that would disallow mounting a snapshot read/write.

This would follow the existing trend of writing exceptions into common commands (`rm` for instance) to deal with the special needs of snapshot files.  I'm not sure if all these exceptions are a good idea, though, especially if more will be needed as time goes on.

More information about the freebsd-bugs mailing list