Allowing tmpfs to be mounted in jail?
Dewayne Geraghty
dewayne.geraghty at heuristicsystems.com.au
Thu Aug 22 23:13:05 UTC 2013
> -----Original Message-----
> From: owner-freebsd-security at freebsd.org
> [mailto:owner-freebsd-security at freebsd.org] On Behalf Of Xin Li
> Sent: Friday, 23 August 2013 5:15 AM
> To: freebsd-security at freebsd.org
> Cc: freebsd-fs at freebsd.org; kib at freebsd.org
> Subject: Allowing tmpfs to be mounted in jail?
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
>
> Hi,
>
> Do anybody have concerns if I would commit this?
>
> Index: sys/fs/tmpfs/tmpfs_vfsops.c
> ===================================================================
> - --- sys/fs/tmpfs/tmpfs_vfsops.c (revision 254663)
> +++ sys/fs/tmpfs/tmpfs_vfsops.c (working copy)
> @@ -420,4 +420,4 @@ struct vfsops tmpfs_vfsops = {
> .vfs_statfs = tmpfs_statfs,
> .vfs_fhtovp = tmpfs_fhtovp,
> };
> - -VFS_SET(tmpfs_vfsops, tmpfs, 0);
> +VFS_SET(tmpfs_vfsops, tmpfs, VFCF_JAIL);
>
> Cheers,
> - --
> Xin LI <delphij at delphij.net> https://www.delphij.net/
> FreeBSD - The Power to Serve! Live free or die
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v2.0.21 (FreeBSD)
>
> iQEcBAEBCgAGBQJSFmNRAAoJEG80Jeu8UPuzhFMH/2jligxAHwhYCbaYe43d8XXd
> 8ljxmusiVWLTwsjhcZRs0Pg56BSPFR2yMbf1rLgQQCc1HpIK82N9zd3hfDoSZTM3
> fhY+gB+M3aMfQ3A0lGzpCckFdj7Dlyr+drXuVeKsTCEdM7U82/GRBq/wkI8OGft4
> kCd9kmpiupFL5WmboBJNjC1wSgn0TYeGXazkTY9K4n0HmZP+306xf6ABHEkPO5XI
> nJuGsq8u2MhBmet4Cm38dGJGXym5mWRkU/i+YmgDTCVWbdKwILtEHQyq55krSPkP
> p85ntduffcAwcy8Yl8facveYq+pybQKO9pEP8hUMZIN0bLPCM01FQl5x4vbyFzc=
> =w8tX
> -----END PGP SIGNATURE-----
> _______________________________________________
> freebsd-security at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-security
> To unsubscribe, send any mail to
> "freebsd-security-unsubscribe at freebsd.org"
Xin Li,
I can envision the use of tmpfs without providing access to mounting other devices within a jail context.
It would be better if this feature had its own sysctl to control the jail's state, particularly as a DOS could "inadvertently" be
introduced, per Kib's earlier point. Other devices-types have additional mitigation strategies, such as exclusion via dev.rules
which tmpfs doesn't have.
Regards, Dewayne.
More information about the freebsd-security
mailing list