Date: Fri, 01 Sep 2017 22:43:02 +0000 From: bugzilla-noreply@freebsd.org To: freebsd-bugs@FreeBSD.org Subject: [Bug 221987] ZFS does not validate the sharenfs parameter Message-ID: <bug-221987-8@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D221987 Bug ID: 221987 Summary: ZFS does not validate the sharenfs parameter Product: Base System Version: CURRENT Hardware: Any OS: Any Status: New Severity: Affects Some People Priority: --- Component: kern Assignee: freebsd-bugs@FreeBSD.org Reporter: asomers@FreeBSD.org On Illumos, ZFS will validate that the "sharenfs" parameter is valid. It w= ill refuse to set it to an invalid value. But FreeBSD does not validate it. T= his could cause mountd to crash or misbehave. Note that this is _not_ a security vulnerability, even in combination with = ZFS delegations, because /etc/zfs/exports may only be updated by root, even when the sharenfs property is delegated. $ sudo zpool create foo da0 $ sudo zfs set sharenfs=3D$'XXX\n/usr/home' foo $ sudo cat /etc/zfs/exports=20 # !!! DO NOT EDIT THIS FILE MANUALLY !!! /foo XXX /usr/home --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-221987-8>