From: Kasper Dupont <kasperd@daimi.au.dk>
To: DervishD <raul@pleyades.net>
Cc: jw schultz <jw@pegasys.ws>, Linux-kernel <linux-kernel@vger.kernel.org>
Subject: Re: About /etc/mtab and /proc/mounts
Date: Sun, 02 Mar 2003 15:16:21 +0100
Message-ID: <3E621235.2C0CD785@daimi.au.dk>
In-Reply-To: 20030302130430.GI45@DervishD

DervishD wrote:
> 
> If 'mount' treats specially the
> mtab if it is a symlink... well, IMHO this is not correct. Yes, this
> can lead to an attack, but: 'mount' is a setuid program, and only
> root can symlink /etc/mtab, true?

The reason for mount not to update /etc/mtab if it is a symlink is
not security concerns, but rather that it could be a symlink to
/proc/mounts. Another problem is the way the update is actually
done. A lockfile named /etc/mtab~ is created, and a new mtab is
written to /etc/mtab.tmp which is later renamed on top of mtab.

Some of this can obviously be solved by changing mount. But if we
are going to change mount in non-trivial ways, we should aim for a
better long-term solution. It would be possible for mount to start
from /etc/mtab and use readlink until the actual location is found.
Then if the path starts with /proc/ the update can be skipped, or
done in a different way. And if the location is outside /proc then
create lockfilename and tempfilename by appending to this path.

But all that is IMHO a bad solution. Getting the actual location
right is nontrivial. And we should rather aim for an implementation
in /proc and have mount write there directly. But there are a few
open questions I'd like answered before trying to implement a
/proc/mtab.

-- 
Kasper Dupont -- who spends too much time on usenet.
For sending spam use mailto:aaarep@daimi.au.dk
for(_=52;_;(_%5)||(_/=5),(_%5)&&(_-=2))putchar(_);
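
The resolve-then-decide approach described in the message above, as an added example that is not part of the original mail and not code from mount: it uses realpath() in place of a manual readlink loop, skips the update when the resolved path is under /proc/, and otherwise derives the lockfile and tempfile names by appending "~" and ".tmp" to the resolved path. The names mtab_plan, plan_from_resolved and plan_mtab_update are hypothetical.

```c
#define _XOPEN_SOURCE 700       /* for realpath() */
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

enum mtab_action { MTAB_SKIP_PROC, MTAB_UPDATE, MTAB_ERROR };

struct mtab_plan {              /* hypothetical type for this example */
    char target[PATH_MAX];      /* file the symlink chain ends at */
    char lock[PATH_MAX + 8];    /* target + "~" */
    char temp[PATH_MAX + 8];    /* target + ".tmp" */
};

/* Decide what to do once the symlink chain has been resolved. */
enum mtab_action plan_from_resolved(const char *resolved, struct mtab_plan *p)
{
    if (strlen(resolved) >= PATH_MAX)
        return MTAB_ERROR;
    strcpy(p->target, resolved);
    p->lock[0] = p->temp[0] = '\0';
    /* Compare against "/proc/" with the slash so "/procfs-x" is not matched. */
    if (strncmp(resolved, "/proc/", 6) == 0)
        return MTAB_SKIP_PROC;
    snprintf(p->lock, sizeof p->lock, "%s~", resolved);
    snprintf(p->temp, sizeof p->temp, "%s.tmp", resolved);
    return MTAB_UPDATE;
}

/* realpath() follows every link in the chain. The answer is only a snapshot:
 * a link replaced between this call and the later rename() is not noticed. */
enum mtab_action plan_mtab_update(const char *mtab, struct mtab_plan *p)
{
    char resolved[PATH_MAX];
    if (realpath(mtab, resolved) == NULL)
        return MTAB_ERROR;
    return plan_from_resolved(resolved, p);
}

int main(int argc, char **argv)
{
    struct mtab_plan p;
    const char *mtab = argc > 1 ? argv[1] : "/etc/mtab";
    switch (plan_mtab_update(mtab, &p)) {
    case MTAB_SKIP_PROC: printf("%s is under /proc, skip update\n", p.target); return 0;
    case MTAB_UPDATE: printf("lock %s, write %s, rename onto %s\n", p.lock, p.temp, p.target); return 0;
    default: perror(mtab); return 1;
    }
}
```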