ZFS snapdir readability (Crosspost)

Jan Behrens jbe-mlist at magnetkern.de
Wed Nov 20 13:41:06 UTC 2019

On Wed, 20 Nov 2019 08:24:43 -0500
Mike Tancsa <mike at sentex.net> wrote:

> On 11/20/2019 5:07 AM, Borja Marcos wrote:

> > You could make snapshots not mounted, period, requiring administrator’s actions to mount them. But you
> > would lose convenience for common users. 
> Actually, thats all I am advocating for-- settings perms on the
> accessibility of the snapshot. ie instead of the "invisibility" feature,
> change it to an "inaccessible" feature.
>     ---Mike

This would solve the security problem, but only as long as snapshots are
never mounted. Once they are mounted (unless you can specify the
directory where they are mounted), unprivileged users could still
access files they should not be allowed to access.

A better solution would be to specify user, group, and modes
(e.g. root:root 700) when mounting or auto-mounting snapshots.


More information about the freebsd-fs mailing list