From: jw schultz <jw@pegasys.ws>
To: Linux-kernel <linux-kernel@vger.kernel.org>
Subject: Re: About /etc/mtab and /proc/mounts
Date: Sun, 2 Mar 2003 17:04:09 -0800 [thread overview]
Message-ID: <20030303010409.GA3206@pegasys.ws> (raw)
In-Reply-To: <3E621235.2C0CD785@daimi.au.dk>
On Sun, Mar 02, 2003 at 03:16:21PM +0100, Kasper Dupont wrote:
> DervishD wrote:
> >
> > If 'mount' treats specially the
> > mtab if it is a symlink... well, IMHO this is not correct. Yes, this
> > can lead to an attack, but: 'mount' is a setuid program, and only
> > root can symlink /etc/mtab, true?
>
> The reason for mount not to update /etc/mtab if it is a symlink is
> not security concerns, but rather that it could be a symlink to
> /proc/mounts. Another problem is the way the update is actually
> done. A lockfile named /etc/mtab~ is created, and a new mtab is
> written to /etc/mtab.tmp which is later renamed on top of mtab.
>
> Some of this can obviously be solved by changing mount. But if we
> are going to change mount in non-trivial ways, we should aim for a
> better longterm solution. It would be possible for mount to start
> from /et/mtab and use readlink until the actual location is found.
> Then if the path starts with /proc/ the update can be skipped, or
> done in a different way. And if the location is outside /proc then
> create lockfilename and tempfilename by appending to this path.
>
> But all that is IMHO a bad solution. Getting the actual location
> right is nontrivial. And we should rather aim for an implementation
> in /proc and have mount write there directly. But there are a few
> open questions I'd like answered before trying to implement a
> /proc/mtab.
You are talking about adding hacks to workaround the
original hack. Nothing should write to mtab. Say it with
me "Nothing should write to mtab".
mount(8) and umount(8) are the only almost the only things that
write mtab all others are readers. I may be wrong but the
data argument to mount(2) looks like it should support
everything missing from /proc/mounts. Alternatively change
mount(2) and mount(8) and any other mount(2) callers will
be revealed.
The reason to leave a /etc/mtab symlink is so that the
old tools other than (u)mount don't need updates.
--
________________________________________________________________
J.W. Schultz Pegasystems Technologies
email address: jw@pegasys.ws
Remember Cernan and Schmitt
next prev parent reply other threads:[~2003-03-03 0:53 UTC|newest]
Thread overview: 56+ messages / expand[flat|nested] mbox.gz Atom feed top
2003-02-19 11:21 About /etc/mtab and /proc/mounts DervishD
2003-02-26 9:18 ` Kasper Dupont
2003-02-26 10:26 ` Miquel van Smoorenburg
2003-02-26 11:00 ` Olaf Dietsche
2003-02-26 11:14 ` Måns Rullgård
2003-02-26 11:44 ` Kasper Dupont
2003-02-26 12:16 ` Olaf Dietsche
2003-02-26 12:34 ` Måns Rullgård
2003-02-26 13:39 ` Olaf Dietsche
2003-02-26 13:54 ` Måns Rullgård
2003-02-26 14:23 ` Olaf Dietsche
2003-02-27 4:14 ` Miles Bader
2003-02-27 6:40 ` Kasper Dupont
2003-02-27 7:03 ` Joseph Wenninger
2003-02-27 8:28 ` Kasper Dupont
2003-03-05 0:03 ` Jamie Lokier
2003-02-27 7:06 ` Miles Bader
2003-02-27 8:25 ` Kasper Dupont
2003-02-27 8:42 ` Miles Bader
2003-02-27 9:21 ` jw schultz
2003-02-27 9:49 ` Miles Bader
2003-02-27 23:33 ` Kasper Dupont
2003-02-27 12:48 ` Denis Vlasenko
2003-02-27 23:28 ` Kasper Dupont
2003-02-28 6:15 ` Denis Vlasenko
2003-03-02 13:04 ` DervishD
2003-03-02 14:16 ` Kasper Dupont
2003-03-03 1:04 ` jw schultz [this message]
2003-03-03 12:22 ` Kasper Dupont
2003-03-04 2:02 ` jw schultz
2003-03-05 12:57 ` Kasper Dupont
2003-03-06 1:18 ` jw schultz
2003-03-06 23:30 ` Kasper Dupont
2003-03-04 11:16 ` DervishD
2003-03-04 11:08 ` DervishD
2003-02-27 9:46 ` Kasper Dupont
2003-02-27 9:58 ` Miles Bader
2003-02-27 12:26 ` Gabriel Paubert
2003-02-27 7:07 ` Joseph Wenninger
2003-02-27 7:08 ` Dominik Kubla
2003-02-27 8:12 ` Kasper Dupont
2003-02-27 9:11 ` Dominik Kubla
2003-02-27 16:00 ` Horst von Brand
2003-02-27 16:31 ` Christoph Hellwig
2003-02-27 16:40 ` Dominik Kubla
2003-02-27 19:47 ` Kasper Dupont
2003-02-27 22:13 ` Valdis.Kletnieks
2003-02-27 22:31 ` Kasper Dupont
2003-02-27 23:54 ` Miquel van Smoorenburg
2003-02-28 1:37 ` Miles Bader
2003-03-02 12:53 ` DervishD
2003-03-02 14:00 ` Kasper Dupont
2003-03-04 11:02 ` DervishD
2003-03-04 12:09 ` Kasper Dupont
2003-03-04 14:53 ` DervishD
2003-03-02 12:51 ` DervishD
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20030303010409.GA3206@pegasys.ws \
--to=jw@pegasys.ws \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox