Always call mount with --no-canonicalize option

Always call mount with --no-canonicalize option to prevent symlink
attacks on mount.

diff --git a/ChangeLog b/ChangeLog
index 49f4e71028847a466b0c06adb2ca372e07de9a1d..ff1c04f72c0af5d53eff66054e9227b7a39d8c94 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -4,6 +4,9 @@
        prevent symlink attacks at umount.  util-linux >= 2.18 or a
        suitably patched version is required.
 
+       * Always call mount with --no-canonicalize option to prevent
+       symlink attacks on mount.
+
 2010-11-08  Miklos Szeredi <miklos@szeredi.hu>
 
        * Open /dev/null for write instead of read for redirecting stdout

diff --git a/lib/mount_util.c b/lib/mount_util.c
index 4230e637b77f415a6e2dbf273c91514e8648ad22..d008fcc664318f0082ac3adc02731b4c0ba43fe2 100644 (file)
--- a/lib/mount_util.c
+++ b/lib/mount_util.c
@@ -54,69 +54,6 @@ static int mtab_needs_update(const char *mnt)
        return 1;
 }
 
-static int add_mount_legacy(const char *progname, const char *fsname,
-                           const char *mnt, const char *type, const char *opts)
-{
-       int res;
-       int status;
-       sigset_t blockmask;
-       sigset_t oldmask;
-
-       sigemptyset(&blockmask);
-       sigaddset(&blockmask, SIGCHLD);
-       res = sigprocmask(SIG_BLOCK, &blockmask, &oldmask);
-       if (res == -1) {
-               fprintf(stderr, "%s: sigprocmask: %s\n", progname, strerror(errno));
-               return -1;
-       }
-
-       res = fork();
-       if (res == -1) {
-               fprintf(stderr, "%s: fork: %s\n", progname, strerror(errno));
-               goto out_restore;
-       }
-       if (res == 0) {
-               char templ[] = "/tmp/fusermountXXXXXX";
-               char *tmp;
-
-               sigprocmask(SIG_SETMASK, &oldmask, NULL);
-               setuid(geteuid());
-
-               /*
-                * hide in a directory, where mount isn't able to resolve
-                * fsname as a valid path
-                */
-               tmp = mkdtemp(templ);
-               if (!tmp) {
-                       fprintf(stderr,
-                               "%s: failed to create temporary directory\n",
-                               progname);
-                       exit(1);
-               }
-               if (chdir(tmp)) {
-                       fprintf(stderr, "%s: failed to chdir to %s: %s\n",
-                               progname, tmp, strerror(errno));
-                       exit(1);
-               }
-               rmdir(tmp);
-               execl("/bin/mount", "/bin/mount", "-i", "-f", "-t", type,
-                     "-o", opts, fsname, mnt, NULL);
-               fprintf(stderr, "%s: failed to execute /bin/mount: %s\n",
-                       progname, strerror(errno));
-               exit(1);
-       }
-       res = waitpid(res, &status, 0);
-       if (res == -1)
-               fprintf(stderr, "%s: waitpid: %s\n", progname, strerror(errno));
-
-       if (status != 0)
-               res = -1;
-
- out_restore:
-       sigprocmask(SIG_SETMASK, &oldmask, NULL);
-
-       return res;
-}
 
 static int add_mount(const char *progname, const char *fsname,
                       const char *mnt, const char *type, const char *opts)
@@ -140,14 +77,6 @@ static int add_mount(const char *progname, const char *fsname,
                goto out_restore;
        }
        if (res == 0) {
-               /*
-                * Hide output, because old versions don't support
-                * --no-canonicalize
-                */
-               int fd = open("/dev/null", O_WRONLY);
-               dup2(fd, 1);
-               dup2(fd, 2);
-
                sigprocmask(SIG_SETMASK, &oldmask, NULL);
                setuid(geteuid());
                execl("/bin/mount", "/bin/mount", "--no-canonicalize", "-i",
@@ -172,16 +101,10 @@ static int add_mount(const char *progname, const char *fsname,
 int fuse_mnt_add_mount(const char *progname, const char *fsname,
                       const char *mnt, const char *type, const char *opts)
 {
-       int res;
-
        if (!mtab_needs_update(mnt))
                return 0;
 
-       res = add_mount(progname, fsname, mnt, type, opts);
-       if (res == -1)
-               res = add_mount_legacy(progname, fsname, mnt, type, opts);
-
-       return res;
+       return add_mount(progname, fsname, mnt, type, opts);
 }
 
 static int exec_umount(const char *progname, const char *rel_mnt, int lazy)