Bug 192227 - newfs creates .snap with world readable permissions 0777
Summary: newfs creates .snap with world readable permissions 0777
Status: New
Alias: None
Product: Base System
Classification: Unclassified
Component: bin (show other bugs)
Version: 10.0-RELEASE
Hardware: Any Any
: Normal Affects Many People
Assignee: freebsd-bugs mailing list
Depends on:
Reported: 2014-07-28 22:51 UTC by rsimmons0
Modified: 2019-04-25 20:49 UTC (History)
2 users (show)

See Also:


Note You need to log in before you can comment on or make changes to this bug.
Description rsimmons0 2014-07-28 22:51:59 UTC
According to the dump(8) man page, the .snap directory should have 0770 permissions, but after running newfs and mounting a UFS file system, the .snap directory permissions are 0777.
Comment 1 heliocentric 2015-12-13 23:13:26 UTC
I looked at the code, and after a newfs the permissions are 775. I validated this in the source code for newfs, that it creates the inode with permissions 755|020. The 755 is hard coded into mkfs.c.

I'm not sure how it is coming out as 777 in your case, as this code hasn't changed since 2005.
Comment 2 Sean Eric Fagan freebsd_committer 2019-04-25 20:49:59 UTC
The comment in the dump man page isn't entirely correct; it should be at least 050 (that is, owned by root, group operator, and readable+searchable by the group).

We could also change the newfs/mkfs.c code to use a more restrictive mode.