| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 18 Mar 2014 12:31:35 -0600
From: Andreas Dilger <adilger@...ger.ca>
To: Phillip Susi <psusi@...ntu.com>
Cc: linux-ext4@...r.kernel.org
Subject: Re: [PATCH] mke2fs: don't interact with a non tty
On Mar 18, 2014, at 11:11 AM, Phillip Susi <psusi@...ntu.com> wrote:
> mke2fs displays an interactive y/n prompt for certain situations.
> This is not appropriate to do when stdin is not a tty.
>
> Signed-off-by: Phillip Susi <psusi@...ntu.com>
> ---
> misc/util.c | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/misc/util.c b/misc/util.c
> index 92ab79f..c469744 100644
> --- a/misc/util.c
> +++ b/misc/util.c
> @@ -71,6 +71,8 @@ void proceed_question(void)
> char buf[256];
> const char *short_yes = _("yY");
>
> + if (!isatty(0))
> + return;
This means that mke2fs will silently continue to format whatever accidental
device was specified on the command line, instead of stopping and asking the
user for confirmation. Instead, it should exit with an error in this case.
There is already the "-f" (force) option to override the cases where this
prompt is used, so if the user wants to do something unusual they should
use that as part of the script driving mke2fs.
The only time when I think "force" is required when it shouldn't be is in
case of full-device formatting. I don't think this should be considered a
problem unless there is already a partition table on the device. Formatting
the whole device is desirable to avoid alignment issues on RAID devices, so
I would be happy if that restriction was lifted.
Cheers, Andreas
Download attachment "signature.asc" of type "application/pgp-signature" (834 bytes)
Powered by blists - more mailing lists