flaw in the mount system call
From: Andries.Brouwer
Date: Sat Aug 26 2006 - 16:20:13 EST
I no longer maintain mount or util-linux, but people still
send mail concerning mount. One letter complained that
asking for a bind mount with flags nosuid,noexec does not work,
while first doing the bind mount, and then afterwards doing
a remount with nosuid,noexec does work (but is insecure).
And indeed, looking at a random recent kernel source I see
mnt_flags := per_mountpoint_flags;
if (flags & MS_REMOUNT)
retval = do_remount(&nd, flags & ~MS_REMOUNT, mnt_flags,
data_page);
else if (flags & MS_BIND)
retval = do_loopback(&nd, dev_name, flags & MS_REC);
else if (flags & (MS_SHARED | MS_PRIVATE | MS_SLAVE | MS_UNBINDABLE))
retval = do_change_type(&nd, flags);
else if (flags & MS_MOVE)
retval = do_move_mount(&nd, dev_name);
else
retval = do_new_mount(&nd, type_page, flags, mnt_flags,
dev_name, data_page);
That is, the per-mountpoint flags are used for ordinary mounts
and for remounts, but ignored on bind mounts.
Probably do_loopback() should have an additional parameter.
Doing things one-by-one may be less good since it leaves a race.
Andries
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/