Re: [PATCH] make automounter runnable in foreground and add stderr logging

From: Denis Vlasenko
Date: Thu Oct 07 2004 - 16:03:53 EST


On Thursday 07 October 2004 21:17, Valdis.Kletnieks@xxxxxx wrote:
> On Thu, 07 Oct 2004 20:49:17 +0300, Denis Vlasenko said:
>
> > PS: is there a reason why automount does this?
> >
> > /* include/config.h. Generated by configure. */
> > #define PATH_MOUNT "/usr/bin/mount"
> > #define PATH_UMOUNT "/usr/bin/umount"
> > #define PATH_E2FSCK "/usr/bin/fsck.ext2"
> > #define PATH_E3FSCK "/usr/bin/fsck.ext3"
> >
> > We have $PATH for ages...
>
> Yes, and sometimes you specifically want to make sure you pick up the
> right official binary, and not some other one that happens to be in $PATH.
> If somebody manages to get automount launched with an insecure $PATH, you

if (geteuid() != 0) {
fprintf(stderr, "%s: This program must be run by root\n", program);
exit(1);
}

If root starts automount with bogus $PATH, well, he gets what he deserves.

> could end up invoking a trojaned mount command (remember why "." in $PATH
> is a security issue....)
--
vda

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/