[Bug 277228] Device permissions security hole with partitioning (/dev/geom.ctl)
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Mon, 26 Feb 2024 03:11:05 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=277228 --- Comment #5 from Vincent Stemen <vince.bsd@hightek.org> --- Are there any architectural limitations that would prevent you from making gpart run under setuid or setgid using the same group ID as geom.ctl (something other than operator, so that drives can still belong to operator group for backups. etc), then let gpart check the permissions on the individual devices before allowing you to modify the partition table? It seems that that you could do this with any tool that needs *.ctl permissions. -- You are receiving this mail because: You are the assignee for the bug.