Bug 146543 - [patch] mount(8): securelevel does not affect mount (duplicate of kern/22142)
Summary: [patch] mount(8): securelevel does not affect mount (duplicate of kern/22142)
Status: Open
Alias: None
Product: Base System
Classification: Unclassified
Component: bin (show other bugs)
Version: 8.0-RELEASE
Hardware: Any Any
: Normal Affects Only Me
Assignee: freebsd-bugs (Nobody)
Depends on:
Reported: 2010-05-13 12:30 UTC by GNATS administrator
Modified: 2017-12-31 22:34 UTC (History)
0 users

See Also:

file.diff (3.59 KB, patch)
2010-05-13 12:30 UTC, GNATS administrator
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description GNATS administrator freebsd_committer 2010-05-13 12:30:07 UTC
Securelevel doesn't affect mount at all, so ro filesystem can be remounted to rw or unmounted in any securelevel.

It will be very convenient if mount -uw and unmount can be forbidden in higher (>=2) securelevels. With that it will be possible to protect the whole system by just read-only mount without dealing with immutable flags.

Fix: Somebody may want to be still able to mount/unmount/update in any secure level, so IMHO it would be the best if we can mark particular mount as protected/locked. To do that new mount option can be added.

Initial patch attached.

TODO/known bugs:
- code review/check (I'm not an FreeBSD expert/developer)
- decide if securelevel=1 should be considered
- update manuals (mount(8), mount(2), security(7), any other?)
- update handbook
- "-u -o locked" is not working
- check/implement with other fs'es than ufs2
- implement patch for mount_* commands

Patch attached with submission follows:
How-To-Repeat: mount -o ro /dev/da1 /mnt
sysctl kern.securelevel=2
mount -uw /mnt
Comment 1 Eitan Adler freebsd_committer freebsd_triage 2017-12-31 07:59:46 UTC
For bugs matching the following criteria:

Status: In Progress Changed: (is less than) 2014-06-01

Reset to default assignee and clear in-progress tags.

Mail being skipped