Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 20 Nov 2019 16:02:14 +0100
From:      Borja Marcos <borjam@sarenet.es>
To:        Jan Behrens <jbe-mlist@magnetkern.de>
Cc:        Mike Tancsa <mike@sentex.net>, Alan Somers <asomers@freebsd.org>, freebsd-fs <freebsd-fs@freebsd.org>
Subject:   Re: ZFS snapdir readability (Crosspost)
Message-ID:  <AEF4CA02-36B3-42FC-BE92-14DF0AF99540@sarenet.es>
In-Reply-To: <20191120144041.7f916360dc0c69bf509c9bd1@magnetkern.de>
References:  <20191107004635.c6d2e7d464d3d556a0d87465@magnetkern.de> <CAOtMX2huHZcXHH%2B=3Bx7hX_p9udJ2acOX%2BZL8vW=pjqbe6mOAA@mail.gmail.com> <e2eecef7-21b6-0ff2-b259-71421b7d097c@sentex.net> <9B22AD46-BE87-4305-9638-74D23AD4C8CA@sarenet.es> <cfcc12dd-e9eb-5a98-a031-ab18436a2dd3@sentex.net> <261FE331-EC5C-48C8-9249-9BCBF887CE38@sarenet.es> <913f7040-6e38-452d-6187-e17fae63b652@sentex.net> <20191120144041.7f916360dc0c69bf509c9bd1@magnetkern.de>
next in thread | previous in thread | raw e-mail | index | archive | help 


> On 20 Nov 2019, at 14:40, Jan Behrens <jbe-mlist@magnetkern.de> wrote:
>=20
> On Wed, 20 Nov 2019 08:24:43 -0500
> Mike Tancsa <mike@sentex.net> wrote:
>=20
>> On 11/20/2019 5:07 AM, Borja Marcos wrote:
>=20
>>> You could make snapshots not mounted, period, requiring =
administrator=E2=80=99s actions to mount them. But you
>>> would lose convenience for common users.=20
>>=20
>> Actually, thats all I am advocating for-- settings perms on the
>> accessibility of the snapshot. ie instead of the "invisibility" =
feature,
>> change it to an "inaccessible" feature.
>>=20
>>     ---Mike
>=20
> This would solve the security problem, but only as long as snapshots =
are
> never mounted. Once they are mounted (unless you can specify the
> directory where they are mounted), unprivileged users could still
> access files they should not be allowed to access.
>=20
> A better solution would be to specify user, group, and modes
> (e.g. root:root 700) when mounting or auto-mounting snapshots.

At least it=E2=80=99s a different problem. Mounting a snapshot =
*intentionally* could be
something similar to recovering a backup. What poses a serious issue in =
my
opinion is that the system *does* mount them automatically.=20



Borja.

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?AEF4CA02-36B3-42FC-BE92-14DF0AF99540>