From: Miklos Szeredi Date: Mon, 31 Jan 2011 16:40:49 +0000 (+0100) Subject: Always call mount with --no-canonicalize option X-Git-Tag: fuse_2_8_6~4 X-Git-Url: http://git.maquefel.me/?a=commitdiff_plain;h=e9ae66eb4e7af14e2cd27b90f88b599b61f96e8a;p=qemu-gpiodev%2Flibfuse.git Always call mount with --no-canonicalize option Always call mount with --no-canonicalize option to prevent symlink attacks on mount. --- diff --git a/ChangeLog b/ChangeLog index 49f4e71..ff1c04f 100644 --- a/ChangeLog +++ b/ChangeLog @@ -4,6 +4,9 @@ prevent symlink attacks at umount. util-linux >= 2.18 or a suitably patched version is required. + * Always call mount with --no-canonicalize option to prevent + symlink attacks on mount. + 2010-11-08 Miklos Szeredi * Open /dev/null for write instead of read for redirecting stdout diff --git a/lib/mount_util.c b/lib/mount_util.c index 4230e63..d008fcc 100644 --- a/lib/mount_util.c +++ b/lib/mount_util.c @@ -54,69 +54,6 @@ static int mtab_needs_update(const char *mnt) return 1; } -static int add_mount_legacy(const char *progname, const char *fsname, - const char *mnt, const char *type, const char *opts) -{ - int res; - int status; - sigset_t blockmask; - sigset_t oldmask; - - sigemptyset(&blockmask); - sigaddset(&blockmask, SIGCHLD); - res = sigprocmask(SIG_BLOCK, &blockmask, &oldmask); - if (res == -1) { - fprintf(stderr, "%s: sigprocmask: %s\n", progname, strerror(errno)); - return -1; - } - - res = fork(); - if (res == -1) { - fprintf(stderr, "%s: fork: %s\n", progname, strerror(errno)); - goto out_restore; - } - if (res == 0) { - char templ[] = "/tmp/fusermountXXXXXX"; - char *tmp; - - sigprocmask(SIG_SETMASK, &oldmask, NULL); - setuid(geteuid()); - - /* - * hide in a directory, where mount isn't able to resolve - * fsname as a valid path - */ - tmp = mkdtemp(templ); - if (!tmp) { - fprintf(stderr, - "%s: failed to create temporary directory\n", - progname); - exit(1); - } - if (chdir(tmp)) { - fprintf(stderr, "%s: failed to chdir to %s: %s\n", - progname, tmp, strerror(errno)); - exit(1); - } - rmdir(tmp); - execl("/bin/mount", "/bin/mount", "-i", "-f", "-t", type, - "-o", opts, fsname, mnt, NULL); - fprintf(stderr, "%s: failed to execute /bin/mount: %s\n", - progname, strerror(errno)); - exit(1); - } - res = waitpid(res, &status, 0); - if (res == -1) - fprintf(stderr, "%s: waitpid: %s\n", progname, strerror(errno)); - - if (status != 0) - res = -1; - - out_restore: - sigprocmask(SIG_SETMASK, &oldmask, NULL); - - return res; -} static int add_mount(const char *progname, const char *fsname, const char *mnt, const char *type, const char *opts) @@ -140,14 +77,6 @@ static int add_mount(const char *progname, const char *fsname, goto out_restore; } if (res == 0) { - /* - * Hide output, because old versions don't support - * --no-canonicalize - */ - int fd = open("/dev/null", O_WRONLY); - dup2(fd, 1); - dup2(fd, 2); - sigprocmask(SIG_SETMASK, &oldmask, NULL); setuid(geteuid()); execl("/bin/mount", "/bin/mount", "--no-canonicalize", "-i", @@ -172,16 +101,10 @@ static int add_mount(const char *progname, const char *fsname, int fuse_mnt_add_mount(const char *progname, const char *fsname, const char *mnt, const char *type, const char *opts) { - int res; - if (!mtab_needs_update(mnt)) return 0; - res = add_mount(progname, fsname, mnt, type, opts); - if (res == -1) - res = add_mount_legacy(progname, fsname, mnt, type, opts); - - return res; + return add_mount(progname, fsname, mnt, type, opts); } static int exec_umount(const char *progname, const char *rel_mnt, int lazy)