| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 26 Aug 2006 22:22:54 +0200 (MEST)
From: <Andries.Brouwer@....nl>
To: linux-kernel@...r.kernel.org
Subject: flaw in the mount system call
I no longer maintain mount or util-linux, but people still
send mail concerning mount. One letter complained that
asking for a bind mount with flags nosuid,noexec does not work,
while first doing the bind mount, and then afterwards doing
a remount with nosuid,noexec does work (but is insecure).
And indeed, looking at a random recent kernel source I see
mnt_flags := per_mountpoint_flags;
if (flags & MS_REMOUNT)
retval = do_remount(&nd, flags & ~MS_REMOUNT, mnt_flags,
data_page);
else if (flags & MS_BIND)
retval = do_loopback(&nd, dev_name, flags & MS_REC);
else if (flags & (MS_SHARED | MS_PRIVATE | MS_SLAVE | MS_UNBINDABLE))
retval = do_change_type(&nd, flags);
else if (flags & MS_MOVE)
retval = do_move_mount(&nd, dev_name);
else
retval = do_new_mount(&nd, type_page, flags, mnt_flags,
dev_name, data_page);
That is, the per-mountpoint flags are used for ordinary mounts
and for remounts, but ignored on bind mounts.
Probably do_loopback() should have an additional parameter.
Doing things one-by-one may be less good since it leaves a race.
Andries
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists