I said:
> 2015/12/01 12:24, arisawa <[email protected]> wrote:
>
> Hello 9fans,
>
> The current kernel allows unmount even after rfork m.
> This feature makes sandboxing difficult.
> Can anyone explain why this feature is necessary?
>
> Kenji Arisawa
I made a protection against unmounting after rfork -m and am now testing it.
My idea is: protecting unmount with a single argument.
It seems the following code is working, however I am not sure this is OK.
Any comments are welcome.
/sys/src/9/port/sysfile.c:

sysunmount(va_list list)
{
	Chan *cmount, *cmounted;
	char *name, *old;

	name = va_arg(list, char*);
	old = va_arg(list, char*);

	/* a protection for 'unmount' after 'rfork m'
	 * we can reject any unmount, however it might not be user friendly to do so.
	 * more moderate way might be disallowing
	 *	unmount mntpoint	# single argument
	 * it is ideal though: we disallow unmount dirs that are mounted before rfork m.
	 * probably we need this protection also in regular kernel
	 *
	 * print("name=%s old=%s\n",name,old);
	 * the output is, e.g,
	 *	name=srv/factorum
	 *	old=/mnt
	 * -Kenar- */
	if(up->pgrp->noattach && (name == nil)){
		error(Eperm);
		return 0;
	}