jail getfsstat patches.
Bjoern A. Zeeb
bzeeb-lists at lists.zabbadoz.net
Fri Jul 2 03:21:49 PDT 2004
On Fri, 2 Jul 2004, Pawel Jakub Dawidek wrote:
> On Fri, Jul 02, 2004 at 07:52:29AM +0000, Bjoern A. Zeeb wrote:
> +> On Sun, 27 Jun 2004, Pawel Jakub Dawidek wrote:
> +> > +> If you give me a few days (maybe I'll be ready today) I'll try to prepare
> +> > +> patch to commit so we can review it together.
> +> >
> +> > Ok, here it goes:
> +> >
> +> > http://people.freebsd.org/~pjd/patches/jail_enforce_statfs.patch
> +>
> +>
> +> in prison_canseemount shouldn't it be (pasted in by hand):
> +>
> +> * Be sure that we don't have situation where jail's root directory
> +> * is "/some/path" and mount point is "/some/pathpath".
> +> */
> +> - if (*sp->f_mntonname != '\0' && *sp->f_mntonname != '/')
> +> + if (*(sp->f_mntonname+len) != '\0' && *(sp->f_mntonname+len) != '/')
> +> return (ENOENT);
> +> return (0);
>
> Yes, fixed, thanks!
haven't re-fetched the patch but with above change things look good
here on a production system (backported it to 5.2.1-pN and klded).
To people who will backport: do not forget to also patch usr.sbin/jail
what Pawel had done in HEAD already or make sure to not use symlinks
or .. in the path given to jail(8).
didn't review linux-compat or alpha and didn't test freebsd4_compat.
many thanks for this work - great !
PS: spelling still left to someone else ;-) s/happend/happen/
--
Greetings
Bjoern A. Zeeb bzeeb at Zabbadoz dot NeT
More information about the freebsd-current
mailing list