> > Hi,
> > I notice that in 2.3.99pre9 and newer, the system call mount(2) will under
> > some circumstances allow unprivileged users to mount things.
> Yes, it does.
> > Can anyone elaborate on what precisely we allow and why? Despite being
> > named "do_loopback", it looks like a simple aliasing mechanism.
> Yes, it is, and yes, it happened to be simple after some work ;-)
> > At the very least, mount_is_safe() would seem to be missing a check for
> > write permission on the parent directory of the mount-point.
> Hmm... What's the problem with situation when you have write permissions
> on mountpoint but not on its parent? MAY_WRITE on mountpoint is checked,
> unless I've really fscked up. Comments on security implications are more
> than welcome - the variant I've done was, basically, "can we reach the
> thing to be mounted anyway and can we already do whatever we want with the
> contents of the mountpoint?"
[I did not take a look but:]
Well, there's no other way to make directory under /tmp with nlink
count of 1. (afs should do this trick). I do not know if they are
security implications of this, but there may be. At least it is "yet
another way for hardlink".
-- I'm firstname.lastname@example.org. "In my country we have almost anarchy and I don't care." Panos Katsaloulis describing me w.r.t. patents me at email@example.com
- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to firstname.lastname@example.org Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Wed Jun 07 2000 - 21:00:13 EST