ZFS snapdir readability (Crosspost)

Andriy Gapon avg at FreeBSD.org
Fri Nov 8 13:19:11 UTC 2019

On 08/11/2019 13:52, Jan Behrens wrote:
> Of course, "take as is or don't use it" is a valid approach to avoid
> using insecure software, but I believe adding an option to restrict
> readability of .zfs/snapdir to the owner of the root would
> significantly improve security, especially as some operators might not
> even be aware of the risks.

I would not object to having something like snapdirmode property.
I think that it's reasonable.

Andriy Gapon

More information about the freebsd-fs mailing list