public inbox for linux-kernel@vger.kernel.org
* uid of person who mounts and user unmount
@ 2005-04-07  2:36 Steve French
From: Steve French @ 2005-04-07  2:36 UTC
  To: linux-kernel

smbfs displays the uid of the mounter in show_mounts (viewable in
/proc/mounts) and this would allow a setuid unmount program to check
the uid of the mounter via /proc/mounts (there is also an ioctl which 
does something similar).

Is this approach secure enough?

I slightly prefer an approach in which a program that wishes to check if 
the current->uid matches that of the mounter (or that uid which was 
specified on the mount command option and which was saved in the fs's 
superblock) simply calls an empty ioctl to the fs - which returns yes/no 
(the uid of the current process matches the uid of the process that did
the mount or not; this requires the fs to save the uid at mount but
presumably has the disadvantage of opening a file to get a handle that 
you can use for the ioctl).

There are other ways to achieve somewhat similar effect - of allowing 
user mounts and unmounts via fstab - but I have had users request a way 
to do this via a setuid filesystem specific umount util.

Is there a security issue with displaying the uid of the mounter via the
fs's show_mounts (shows up in /proc/mounts)?
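
The /proc/mounts check the message describes, sketched as an added example that is not part of the original post and not smbfs or umount code. It assumes the filesystem prints the saved uid as a `uid=<n>` mount option and that later lines in the table are newer mounts; `mounter_uid` is a hypothetical helper name.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <mntent.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical helper: scan a mounts table (an open /proc/mounts) for
 * `mountpoint` and return the uid recorded in its options. Assumption: the fs
 * prints it as "uid=<n>". The last entry for the directory decides, since a
 * later mount shadows earlier ones. Returns 0 on success, -1 otherwise. */
int mounter_uid(FILE *mounts, const char *mountpoint, const char *fstype, uid_t *out)
{
    struct mntent *m;
    int found = -1;
    while ((m = getmntent(mounts)) != NULL) { /* glibc decodes \040 escapes */
        if (strcmp(m->mnt_dir, mountpoint) != 0)
            continue;
        found = -1;                    /* newer mount hides any older match */
        if (strcmp(m->mnt_type, fstype) != 0)
            continue;
        const char *opt = hasmntopt(m, "uid");
        if (opt == NULL || opt[3] != '=' || opt[4] < '0' || opt[4] > '9')
            continue;                  /* missing or non-numeric: fail closed */
        char *end;
        errno = 0;
        unsigned long v = strtoul(opt + 4, &end, 10);
        if (errno || (*end != ',' && *end != '\0') || (uid_t)v != v)
            continue;                  /* trailing junk or out of range */
        *out = (uid_t)v;
        found = 0;
    }
    return found;
}

int main(int argc, char **argv)
{
    uid_t owner;
    FILE *fp = argc == 2 ? fopen("/proc/mounts", "r") : NULL;
    if (fp == NULL || mounter_uid(fp, argv[1], "smbfs", &owner) != 0) {
        fprintf(stderr, "no smbfs mount with a uid= option found\n");
        return 2;
    }
    /* getuid() is the real uid; in a setuid-root helper geteuid() would be 0. */
    puts(owner == getuid() ? "caller matches mounter" : "caller differs");
    return owner == getuid() ? 0 : 1;
}
```

The comparison is only as trustworthy as the table text: the helper has to resolve the path it is asked to unmount to the same string the kernel prints, and the check and the later umount call are two separate steps.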
