The branch main has been updated by wosch:

URL: https://cgit.FreeBSD.org/src/commit/?id=a2c87d4f88e1bfe3b7007fa7148ebc7d37fc54cc

commit a2c87d4f88e1bfe3b7007fa7148ebc7d37fc54cc
Author:     Wolfram Schneider <[email protected]>
AuthorDate: 2026-01-19 10:47:53 +0000
Commit:     Wolfram Schneider <[email protected]>
CommitDate: 2026-01-19 10:47:53 +0000

    symlink.7: add a new section "mount options"
    
    Add a new section "mount options" to explain
    the mount option nosymfollow in more detail.
    
    Differential Revision:  https://reviews.freebsd.org/D54530
---
 bin/ln/symlink.7 | 21 +++++++++++++++++++--
 1 file changed, 19 insertions(+), 2 deletions(-)

diff --git a/bin/ln/symlink.7 b/bin/ln/symlink.7
index 28d9908f2053..db251e1d2985 100644
--- a/bin/ln/symlink.7
+++ b/bin/ln/symlink.7
@@ -72,13 +72,15 @@ or a loop is detected.
 links that may be followed, and an error results if this limit is
 exceeded.)
 .Pp
-There are three separate areas that need to be discussed.
+There are four separate areas that need to be discussed.
 They are as follows:
 .Pp
 .Bl -enum -compact -offset indent
 .It
 Symbolic links used as file name arguments for system calls.
 .It
+Mount options to ignore symbolic links.
+.It
 Symbolic links specified as command line arguments to utilities that
 are not traversing a file tree.
 .It
@@ -178,6 +180,20 @@ The
 system call was added later when the limitations of the new
 .Xr chown 2
 became apparent.
+.Ss Mount options
+.Fx
+has a 
+.Xr mount 8
+option nosymfollow. When this option is enabled, the kernel
+does not follow symlinks on the mounted file system and return EACCES.
+You can still create or remove symlinks, or read the value of a symbolic link.
+.Pp
+This option is intended to be used when mounting file systems from
+untrusted external storage systems or public writable /tmp file systems
+to prevent symlink-based privilege escalation and sandbox escape attacks.
+.Pp
+The mount option nosymfollow first appeared in
+.Fx 3.0
 .Ss Commands not traversing a file tree.
 The second area is symbolic links, specified as command line file
 name arguments, to commands which are not traversing a file tree.
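Review bot: the new ".Ss Mount options" subsection is inserted before "Commands not traversing a file tree", and the enumerated list in the first hunk now makes mount options the second area, yet the unchanged paragraph right after the new subsection still opens with "The second area is symbolic links, specified as command line file name arguments"; either renumber that paragraph (and the later "third"/"fourth" references in the unchanged text) or state in the new subsection that it is the second area, so the ordinals match the list. Smaller mdoc points in the same hunk: "has a " carries trailing whitespace; in "option nosymfollow. When this option is enabled, the kernel" the new sentence should start on its own line and the option name should be marked up (for example ".Cm nosymfollow") rather than left as plain text; "does not follow symlinks on the mounted file system and return EACCES." should read "returns" and give the error as ".Er EACCES"; and the closing ".Fx 3.0" lacks the sentence-ending period, which in mdoc is written as ".Fx 3.0 ." so it is not swallowed as a macro argument.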
@@ -478,4 +494,5 @@ whether specified on the command line or encountered in the 
tree walk.
 .Xr unlink 2 ,
 .Xr fts 3 ,
 .Xr remove 3 ,
-.Xr chown 8
+.Xr chown 8 ,
+.Xr mount 8
