Re: kern/54947: chroot mount file systems leak the actual path in superblock

[Christos Zoulas <christos%zoulas.com@localhost>]

The following reply was made to PR kern/54947; it has been noted by GNATS.

From: Christos Zoulas <christos%zoulas.com@localhost>
To: gnats-bugs%netbsd.org@localhost
Cc: kern-bug-people%netbsd.org@localhost,
 gnats-admin%netbsd.org@localhost,
 netbsd-bugs%netbsd.org@localhost
Subject: Re: kern/54947: chroot mount file systems leak the actual path in
 superblock
Date: Sat, 8 Feb 2020 11:27:40 -0500

 --Apple-Mail=_525BB5EF-7C6C-420B-9FF3-5BD1D18DFA4A
 Content-Transfer-Encoding: quoted-printable
 Content-Type: text/plain;
 	charset=us-ascii
 
 1. There is nothing to be done about it; the part is recorded inside the =
 superblock.
 2. One should not be making device nodes with access to physical devices =
 in the chroot.
     Getting the path from the superblock is the least of the concerns if =
 you give root access
     inside a chroot...
 3. This is purely an information leak. The same can happen if you plug =
 in a usb fob that
     has a filesystem on it, and the information you get on it is not =
 very useful.
 
 christos
 
 --Apple-Mail=_525BB5EF-7C6C-420B-9FF3-5BD1D18DFA4A
 Content-Transfer-Encoding: 7bit
 Content-Disposition: attachment;
 	filename=signature.asc
 Content-Type: application/pgp-signature;
 	name=signature.asc
 Content-Description: Message signed with OpenPGP
 
 -----BEGIN PGP SIGNATURE-----
 Comment: GPGTools - http://gpgtools.org
 
 iF0EARECAB0WIQS+BJlbqPkO0MDBdsRxESqxbLM7OgUCXj7hfAAKCRBxESqxbLM7
 OnS4AJ41vtXheH31Cf8Yk0A1dMy3fhgzhgCgwbYEwZFLnsBIC9S2NsxN8k8Dsz4=
 =jMJM
 -----END PGP SIGNATURE-----
 
 --Apple-Mail=_525BB5EF-7C6C-420B-9FF3-5BD1D18DFA4A--