Discussion:
vfs.usermount allows users to do arbitrary unmounts
Yuri Pankov
2018-10-07 18:58:21 UTC
Permalink
Hi,

Going through https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=232021,
I noticed that unmount(2) will not fail with EPERM as expected on mounts
that don't belong to the user, and which were not mounted by that user,
e.g.:

# zfs create data/test
# ls -ld /data/test
drwxr-xr-x 2 root wheel 2 Oct 7 21:55 /data/test
$ umount /data/test; echo $?
0

Even if vfs.usermount isn't great from security perspective, is this
expected?
Yuri Pankov
2018-10-07 19:08:11 UTC
Permalink
Post by Yuri Pankov
Hi,
Going through https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=232021,
I noticed that unmount(2) will not fail with EPERM as expected on mounts
that don't belong to the user, and which were not mounted by that user,
# zfs create data/test
# ls -ld /data/test
drwxr-xr-x  2 root  wheel  2 Oct  7 21:55 /data/test
$ umount /data/test; echo $?
0
Even if vfs.usermount isn't great from security perspective, is this
expected?
Nevermind me, looks like I got it all confused with using `zfs allow`.
Loading...