989d921f5d
I'm very pleased to announce the release of our new website and documentation using the new toolchain with Hugo and AsciiDoctor. To get more information about the new toolchain please read the FreeBSD Documentation Project Primer[1], Hugo docs[2] and AsciiDoctor docs[3]. Acknowledgment: Benedict Reuschling <bcr@> Glen Barber <gjb@> Hiroki Sato <hrs@> Li-Wen Hsu <lwhsu@> Sean Chittenden <seanc@> The FreeBSD Foundation [1] https://docs.FreeBSD.org/en/books/fdp-primer/ [2] https://gohugo.io/documentation/ [3] https://docs.asciidoctor.org/home/ Approved by: doceng, core
40 lines
1.1 KiB
Diff
40 lines
1.1 KiB
Diff
Index: sys/nfsclient/nfs_vfsops.c
|
|
===================================================================
|
|
--- sys/nfsclient/nfs_vfsops.c (revision 208414)
|
|
+++ sys/nfsclient/nfs_vfsops.c (working copy)
|
|
@@ -1074,6 +1074,11 @@
|
|
error = EINVAL;
|
|
goto out;
|
|
}
|
|
+ if (args.fhsize < 0 || args.fhsize > NFSX_V3FHMAX) {
|
|
+ vfs_mount_error(mp, "Bad file handle");
|
|
+ error = EINVAL;
|
|
+ goto out;
|
|
+ }
|
|
|
|
if (mp->mnt_flag & MNT_UPDATE) {
|
|
struct nfsmount *nmp = VFSTONFS(mp);
|
|
Index: lib/libc/sys/mount.2
|
|
===================================================================
|
|
--- lib/libc/sys/mount.2 (revision 208535)
|
|
+++ lib/libc/sys/mount.2 (working copy)
|
|
@@ -107,7 +107,7 @@
|
|
.Va vfs.usermount
|
|
.Xr sysctl 8
|
|
variable
|
|
-to a non-zero value.
|
|
+to a non-zero value; see the BUGS section for more information.
|
|
.Pp
|
|
The following
|
|
.Fa flags
|
|
@@ -374,3 +374,10 @@
|
|
.Fx 5.0 .
|
|
.Sh BUGS
|
|
Some of the error codes need translation to more obvious messages.
|
|
+.Pp
|
|
+Allowing untrusted users to mount arbitrary media, e.g. by enabling
|
|
+.Va vfs.usermount ,
|
|
+should not be considered safe.
|
|
+Most file systems in
|
|
+.Fx
|
|
+were not built to safeguard against malicious devices.
|