lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 05 Nov 2010 21:30:56 +0300 From: Michael Tokarev <mjt@....msk.ru> To: Pádraig Brady <P@...igBrady.com> CC: Linux-kernel <linux-kernel@...r.kernel.org> Subject: Re: Detecting bind-mounts 05.11.2010 13:24, Pádraig Brady wrote: > On 04/11/10 20:45, Michael Tokarev wrote: [] >> There are 2 (mostly) different kinds of applications. One >> is cp/tar/find with --same-filesystem option (or equivalent), >> that should not cross mountpoints. And one more, apps like >> mountpoint(1) from sysvinit - a utility to determine if a >> given path is a mountpoint. >> >> Neither of the two work when two directores on the same >> filesystem are bind-mounted. [] > The `stat` command recently got support for > printing the mount point for a file: > http://git.savannah.gnu.org/gitweb/?p=coreutils.git;a=commit;h=ddf6fb86 > > `stat` will output the alias for a bind mounted file > while `df` will output the initial mount point of its backing device > So you could do something like: > > file=. > df_mnt=$(df -P "$file" | sed -n '2s/.* \([^ ]*$\)/\1/p') > stat_mnt=$(stat -c%m "$file") > test "$df_mnt" = "$stat_mnt" || echo "bind mount" This is incorrect in two ways. First of all, stat(1), even after that commit you quote, still compares st_dev fields, which are the same for this and parent directory in case of bind mount. So this version of stat(1) does _not_ detect a bind mount, unfortunately. Second, I asked for a low-level way to detect such a mount. I know how to do it not as efficient as stat(2) and not as reliable but much simpler than you propose above, in shell or in C, and I already provided that way in my original email: we just parse /proc/mounts file, this is faster and more reliable than the above shell fragment which calls a few external commands. In the above example, both stat(1) (even the one with the commit you refers to) and df(1) reports the same for the case I'm referring to, the both fails to detect a bind- mount. Thanks! /mjt -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists