From 02a4be3f74a570c6c427082bca7e131a00e4c512 Mon Sep 17 00:00:00 2001 From: "Simon L. B. Nielsen" Date: Wed, 20 Jul 2005 13:34:16 +0000 Subject: [PATCH] Correct devfs ruleset bypass. Submitted by: csjp Reviewed by: phk Security: FreeBSD-SA-05:17.devfs Approved by: cperciva --- sys/fs/devfs/devfs_vnops.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/sys/fs/devfs/devfs_vnops.c b/sys/fs/devfs/devfs_vnops.c index b03498f20c1..34e78d98825 100644 --- a/sys/fs/devfs/devfs_vnops.c +++ b/sys/fs/devfs/devfs_vnops.c @@ -788,6 +788,12 @@ devfs_mknod(struct vop_mknod_args *ap) struct devfs_mount *dmp; int error; + /* + * The only type of node we should be creating here is a + * character device, for anything else return EOPNOTSUPP. + */ + if (ap->a_vap->va_type != VCHR) + return (EOPNOTSUPP); dvp = ap->a_dvp; dmp = VFSTODEVFS(dvp->v_mount); lockmgr(&dmp->dm_lock, LK_EXCLUSIVE, 0, curthread);