203185 – mountd is exposing parent directories [on zfs mount?] that it should not be

Bug 203185 - mountd is exposing parent directories [on zfs mount?] that it should not be

Summary: mountd is exposing parent directories [on zfs mount?] that it should not be

Status:	Closed Works As Intended

Alias:	None

Product:	Base System
Classification:	Unclassified
Component:	kern (show other bugs)
Version:	CURRENT
Hardware:	Any Any

Importance:	--- Affects Only Me
Assignee:	freebsd-fs (Nobody)

URL:
Keywords:

Depends on:
Blocks:

Reported:	2015-09-18 01:04 UTC by Enji Cooper
Modified:	2015-10-25 02:54 UTC (History)
CC List:	1 user (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Enji Cooper freebsd_committer

2015-09-18 01:04:52 UTC

Granted, my "release" is approaching 4 months old now, but it
unsettles me that my files/directories are exposed even though
they shouldn't be by mountd.

% sudo bash
% uname -a
FreeBSD wkstn-fbsd-ngie 11.0-CURRENT FreeBSD 11.0-CURRENT #14 r283337+9c333ed(isilon-atf): Tue May 26 21:52:48 PDT 2015     ngie@wkstn-fbsd-ngie:/usr/obj/usr/src/sys/GENERIC-WITHOUT-WITNESS  amd64
% cat /etc/exports
/home/ngie/XXX        -maproot=0:0 -alldirs
/scratch        -maproot=0:0
/usr/src                -maproot=0:0 -alldirs
/usr/ports              -maproot=0:0 -alldirs
/usr/ports/distfiles            -maproot=0:0 -alldirs
[root@wkstn-fbsd-ngie /home/ngie]# showmount -e
Exports list on localhost:
/usr/src                           Everyone
/usr/ports/distfiles               Everyone
/usr/ports                         Everyone
/home/ngie/XXX                   Everyone
/scratch                           Everyone
% mkdir /mnt/tmp
# THE FOLLOWING SHOULD NOT WORK -- it should fail with `Permission denied`
% mount localhost:/home/ngie /mnt/tmp
% ls /mnt/tmp

(... A whole lot of files get dumped out... )

% echo 'abcdefgh' > foobar
% ls -l foobar
-rw-r--r--  1 root  ngie  9 Sep 17 17:56 foobar
% ls -l /mnt/tmp/foobar
-rw-r--r--  1 root  ngie  9 Sep 17 17:56 /mnt/tmp/foobar
% df -h .
Filesystem    Size    Used   Avail Capacity  Mounted on
root/home     319G     88G    231G    28%    /home
% umount /mnt/tmp
% mount localhost:/etc /mnt/tmp
[tcp] localhost:/etc: Permission denied
[tcp6] localhost:/etc: Permission denied

Comment 1 Enji Cooper freebsd_committer

2015-09-18 01:06:04 UTC

Likely a FreeBSD FS bug. I have 9.3/10.2/a more recent version of CURRENT installed on a few different machines at home (some with and some without ZFS). I'll try and repro this issue there.

Comment 2 Rick Macklem freebsd_committer

2015-09-18 23:49:01 UTC

The -alldirs flag allows all directories within the file system
to be mounted. If the directory specified in the path isn't the
root of the file system, then that will include directory paths
above the directory. Note that "showmount" uses the Mount protocol
and there is no way to express "-alldirs" for it, so showmount can
only show the path in the /etc/exports line.

Here is the snippet from "man exports":
     The second	is to specify the pathname of the root of the file system fol-
     lowed by the -alldir flag; this form allows the host(s) to mount at any
     point within the file system, including regular files if the -r option is
     used on mountd(8).

Although the man pages says "root of the file system", mountd does not enforce
this.

I am assuming that /home/ngie is the same file system as /home/ngie/XXX.

Please close this bug unless you still feel that mountd is not providing
the semantics expressed in "man exports" above.

Comment 3 Enji Cooper freebsd_committer

2015-10-25 02:54:06 UTC

I've been using FreeBSD for over a decade, but missed this nuance.. I'm not sure that it's the right behavior, but it's documented at least. Closing.