From dcef4f65ae3978c50eab745f67364db4660a9f43 Mon Sep 17 00:00:00 2001 From: Kyle Evans Date: Thu, 4 Jun 2020 18:09:55 +0000 Subject: [PATCH] vfs: add restrictions to read(2) of a directory [1/2] Historically, we've allowed read() of a directory and some filesystems will accommodate (e.g. ufs/ffs, msdosfs). From the history department staffed by Warner: <uio_rw == UIO_READ ? vn_read : vn_write; vp = fp->f_vnode; + + /* + * The ability to read(2) on a directory has historically been + * allowed for all users, but this can and has been the source of + * at least one security issue in the past. As such, it is now hidden + * away behind a sysctl for those that actually need it to use it. + */ + if (vp->v_type == VDIR) { + KASSERT(uio->uio_rw == UIO_READ, + ("illegal write attempted on a directory")); + if (!vfs_allow_read_dir) + return (EISDIR); + } + foffset_lock_uio(fp, uio, flags); if (do_vn_io_fault(vp, uio)) { args.kind = VN_IO_FAULT_FOP;