lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-Id: <A5AC507A-847C-496C-99FF-DE48BE224D80@dilger.ca>
Date:	Tue, 18 Mar 2014 12:31:35 -0600
From:	Andreas Dilger <adilger@...ger.ca>
To:	Phillip Susi <psusi@...ntu.com>
Cc:	linux-ext4@...r.kernel.org
Subject: Re: [PATCH] mke2fs: don't interact with a non tty

On Mar 18, 2014, at 11:11 AM, Phillip Susi <psusi@...ntu.com> wrote:
> mke2fs displays an interactive y/n prompt for certain situations.
> This is not appropriate to do when stdin is not a tty.
> 
> Signed-off-by: Phillip Susi <psusi@...ntu.com>
> ---
> misc/util.c | 2 ++
> 1 file changed, 2 insertions(+)
> 
> diff --git a/misc/util.c b/misc/util.c
> index 92ab79f..c469744 100644
> --- a/misc/util.c
> +++ b/misc/util.c
> @@ -71,6 +71,8 @@ void proceed_question(void)
> 	char buf[256];
> 	const char *short_yes = _("yY");
> 
> +	if (!isatty(0))
> +		return;

This means that mke2fs will silently continue to format whatever accidental
device was specified on the command line, instead of stopping and asking the
user for confirmation.  Instead, it should exit with an error in this case.

There is already the "-f" (force) option to override the cases where this
prompt is used, so if the user wants to do something unusual they should
use that as part of the script driving mke2fs.

The only time when I think "force" is required when it shouldn't be is in
case of full-device formatting.  I don't think this should be considered a
problem unless there is already a partition table on the device.  Formatting
the whole device is desirable to avoid alignment issues on RAID devices, so
I would be happy if that restriction was lifted.

Cheers, Andreas






Download attachment "signature.asc" of type "application/pgp-signature" (834 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ