Project

General

Profile

Bug #3284

devfs: ACLs on device node can become applied to wrong devices; UID/GID not retained

Added by Jim Klimov about 8 years ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
-
Start date:
2012-10-17
Due date:
% Done:

0%

Estimated time:
Difficulty:
Medium
Tags:
needs-triage
Gerrit CR:

Description

NFSv4-style ACLs can be set on device nodes (/devices/*) and can be "remembered" across reboots.
However, these ACLs are "remembered" for particular device node pathnames, and after a reboot some different device can become attached to a name with a particular pathname (i.e. ZVOLs are assigned names in order of access during the current uptime). As a result, users may not have the expected device access after reboot, and other users may gain unexpected access to devices (or ZVOL data) they were not supposed to have. Interestingly, the owner UID:GID values are not "remembered" across boots (at least, not for ZVOLs).
I believe this situation is a possible security risk, and the ability to "remember" ACLs on device nodes should either be fixed somehow (so that the access rights are applied the same way to the same devices across reboots), or (configurably?) disabled until a solution appears.
Detailed discussion link: http://permalink.gmane.org/gmane.os.openindiana.general/10002
Separate RFE to remember device node ownership and ACLs for ZVOLs: https://www.illumos.org/issues/3283

No data to display

Also available in: Atom PDF