[Bug 266240] ACL_READ_ATTRIBUTES denied has no effect on UFS

Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: <bugzilla-noreply_at_freebsd.org>
Date: Mon, 05 Sep 2022 21:10:45 UTC

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=266240

            Bug ID: 266240
           Summary: ACL_READ_ATTRIBUTES denied has no effect on UFS
           Product: Base System
           Version: CURRENT
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: kern
          Assignee: bugs@FreeBSD.org
          Reporter: asomers@FreeBSD.org

Creating an NFSv4 ACL with an entry that denies ACL_READ_ATTRIBUTES ought to
deny the user the ability to stat the file.  On ZFS, it does.  But on UFS, it
has no effect.

Steps to Reproduce:

#! /bin/sh
truncate -s 1g /tmp/ufs.img
MD=`mdconfig -a -t vnode -f /tmp/ufs.img`
newfs $MD
tunefs -N enable /dev/$MD
sudo mount /dev/$MD /mnt
cd /mnt
touch foo
setfacl -a 0 user:nobody:------a-------:-------:deny foo
sudo -u nobody stat $FILE >/dev/null 2>&1
if [ $? -eq 0 ]; then
        echo -e "ERROR: user nobody can stat the file, despite being denied by
ACL"
fi

cd /
umount /mnt
mdconfig -d -u $MD

-- 
You are receiving this mail because:
You are the assignee for the bug.