[HEADSUP] Disallowing read() of a directory fd
Rodney W. Grimes
freebsd at gndrsh.dnsmgr.net
Fri May 15 19:44:37 UTC 2020
> On Thu, May 14, 2020 at 1:26 PM Kyle Evans <kevans at freebsd.org> wrote:
> >
> > Hi,
> >
> > This is a heads up, given that I'm completely flipping our historical
> > behavior- I intend to commit this review in a couple days' time
> > without substantial objection: https://reviews.freebsd.org/D24596
> >
>
> Note that the review has been updated to reflect feedback received
> through the course of this discussion. The current version, as of the
> time of writing, instead adds a security.bsd.allow_read_dir
> (defaulting to off) that will allow the system root (*not* jailed
> root) the ability to read(2) a directory if the filesystem supports
> it. A new priv(9), PRIV_VFS_READ_DIR has been added so that anyone
> interested in expanding the scope of the sysctl beyond the system root
> is welcome to implement a MAC policy for it.
>
> rgrimes@ and phk@ have been specifically invited to the review as
> representatives of those opposing the original change, but of course
> anyone is free to add themselves and/or simply chime in with
> constructive objections.
I did not oppose the change, just asked that the change be knobbed
so that the few rare ones of us that do use this ability do not
have to jump through hoops when we need it to fix a problem.
Everyone should remember just because you do not find it useful
does not mean it is not useful functionality. Remember the mantra,
methods, not policy. This is a policy change.
> Thanks,
> Kyle Evans
Regards,
--
Rod Grimes rgrimes at freebsd.org