On Sat, 8 Sep 2007, Antti Harri wrote:
> Hello,
>
> First just plain directory with mode=700:
>
> drwx------ 43 root wheel 2048 Sep 7 22:24 /backups/
>
> Then I mount filesystem under /backups:
>
> /dev/sd0i on /backups type ffs (local, softdep)
> drwxr-x--- 43 root wheel 2048 Sep 7 22:24 /backups/
>
> The permissions changed, so far good because I've changed
> the modes of the mounted volume to 750.
>
> Then as a normal user belonging to 'wheel' I do:
>
> $ ls -la /backups/
> ls: /backups/..: Permission denied
> [rest of the files are listed normally, including '.']
>
> $ stat /backups/..
> stat: /backups/..: Permission denied
>
> Doing those as root is fine.
>
> I asked my friend to reproduce this on Linux but
> he was unable to get any weird errors, therefore
> I'm asking here. :-)

You're clearly accessing /backups/.. according to the permissions
(700) of the mount point, /backups, not the root directory of the
mounted volume, which is what you see with ls and stat for /backups
after the mount.

(This can be demonstrated by umounting /backups, chmoding /backups
to 750, remounting and trying again.)

As far as I know, this is normal operation for ffs/BSD. My *guess*
is that this feature may serve to stifle a way of leveraging permissions
through mounting, but, I repeat, that's a guess.

Linux may well have different fs semantics (it definitely does in
other aspects of file system permissions); it's System-V-ish, not
BSD-ish. It's not a guide, therefore, in these file-system semantics
problems.

Dave
--
"America ... might become dictatress of the world.
She would be no longer the ruler of her own spirit."
-- John Quincy Adams, July 4, 1821
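
The symptom discussed in this thread can be checked for across all mounted filesystems. The following is an added example, not part of the original messages: it assumes mount(8) output in the form quoted above ("device on dir type fs (options)"), and the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the thread). Run as the unprivileged user whose
# view of the mounts you want to audit.

# Extract the mount point from one line of mount(8) output, e.g.
# "/dev/sd0i on /backups type ffs (local, softdep)" -> "/backups".
mount_point_of() {
    printf '%s\n' "$1" | sed -n 's/^.* on \(.*\) type .*$/\1/p'
}

# Classify a mounted directory for the current user:
#   ok       - both "." and ".." can be looked up
#   covered  - "." works but ".." is refused, the symptom in the thread,
#              where the mode of the covered mount-point directory (700)
#              was stricter than the mounted root's mode (750)
#   noaccess - "." itself is unreachable (ordinary permission denial)
dotdot_status() {
    if ! ls -d "$1/." >/dev/null 2>&1; then
        echo noaccess
    elif ! ls -d "$1/.." >/dev/null 2>&1; then
        echo covered
    else
        echo ok
    fi
}

# Read mount(8)-style lines on stdin; print "status<TAB>mountpoint".
audit_mounts() {
    while IFS= read -r line; do
        mp=$(mount_point_of "$line")
        [ -n "$mp" ] || continue
        printf '%s\t%s\n' "$(dotdot_status "$mp")" "$mp"
    done
}

# Live use:  mount | audit_mounts
```

A "covered" result points at a mount-point directory whose own mode should be reviewed with the volume unmounted, as in the umount/chmod/remount test described in the reply.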