[HEADSUP] Disallowing read() of a directory fd

Kyle Evans kevans at freebsd.org
Fri May 15 16:58:44 UTC 2020


On Thu, May 14, 2020 at 1:26 PM Kyle Evans <kevans at freebsd.org> wrote:
>
> Hi,
>
> This is a heads up, given that I'm completely flipping our historical
> behavior- I intend to commit this review in a couple days' time
> without substantial objection: https://reviews.freebsd.org/D24596
>

Note that the review has been updated to reflect feedback received
through the course of this discussion. The current version, as of the
time of writing, instead adds a security.bsd.allow_read_dir
(defaulting to off) that will allow the system root (*not* jailed
root) the ability to read(2) a directory if the filesystem supports
it. A new priv(9), PRIV_VFS_READ_DIR has been added so that anyone
interested in expanding the scope of the sysctl beyond the system root
is welcome to implement a MAC policy for it.

rgrimes@ and phk@ have been specifically invited to the review as
representatives of those opposing the original change, but of course
anyone is free to add themselves and/or simply chime in with
constructive objections.

Thanks,

Kyle Evans


More information about the freebsd-arch mailing list