© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
bbfa235
demo site
(Get the code!)
Message-ID: <20050221152552
Date: Mon, 21 Feb 2005 10:25:53 -0500
From: Justin Pryzby <email address hidden>
To: Tyler MacDonald <email address hidden>, <email address hidden>
Subject: Re: Bug#296201: mount: unprivileged user can mount partition without updating mtab
On Mon, Feb 21, 2005 at 09:14:42AM -0500, pryzbyj wrote:
> On Sun, Feb 20, 2005 at 03:59:20PM -0800, Tyler MacDonald wrote:
> > Package: mount
> > Version: 2.12p-2
> > Severity: grave
> > Justification: user security hole
> >
> >
> > If a non-root user mounts media (in my case, a CD-ROM), and attempts
> > to kill the process (in my case, a mad combination of ^C and ^\),
> > the filesystem can be mounted, yet not appear in /etc/mtab.
I can't reproduce this. mount.c:856 blocks all signals, then tries to
mount the fs, then updates mtab, then unblocks signals. I tested and
this appears to ensure atomicity of the mount,mtab block WRT signals.
Justin