Date: Sun, 7 Oct 2018 21:58:21 +0300 From: Yuri Pankov <yuripv@yuripv.net> To: freebsd-hackers <freebsd-hackers@freebsd.org> Subject: vfs.usermount allows users to do arbitrary unmounts Message-ID: <da6b55e4-cc5e-96b2-02a1-d102a79aea20@yuripv.net>
next in thread | raw e-mail | index | archive | help
Hi, Going through https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=232021, I noticed that unmount(2) will not fail with EPERM as expected on mounts that don't belong to the user, and which were not mounted by that user, e.g.: # zfs create data/test # ls -ld /data/test drwxr-xr-x 2 root wheel 2 Oct 7 21:55 /data/test $ umount /data/test; echo $? 0 Even if vfs.usermount isn't great from security perspective, is this expected?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?da6b55e4-cc5e-96b2-02a1-d102a79aea20>