]> err.no Git - util-linux/commitdiff
mount: doesn't drop privileges properly when calling helpers
authorLudwig Nussel <ludwig.nussel@suse.de>
Thu, 20 Sep 2007 12:57:20 +0000 (14:57 +0200)
committerKarel Zak <kzak@redhat.com>
Sun, 23 Sep 2007 19:39:28 +0000 (21:39 +0200)
{,u}mount calls setuid() and setgid() in the wrong order and doesn't checking
the return value of set{u,g}id(() when running helpers like mount.nfs.

Signed-off-by: Ludwig Nussel <ludwig.nussel@suse.de>
Signed-off-by: Karel Zak <kzak@redhat.com>
mount/mount.c
mount/umount.c

index 40699f33d1b8095c8e74b21667ed08091859f162..5bc2b30c331146bd39b6932040d1cd3db5238d11 100644 (file)
@@ -634,8 +634,12 @@ check_special_mountprog(const char *spec, const char *node, const char *type, in
                 char *oo, *mountargs[10];
                 int i = 0;
 
-                setuid(getuid());
-                setgid(getgid());
+                if(setgid(getgid()) < 0)
+                        die(EX_FAIL, _("mount: cannot set group id: %s"), strerror(errno));
+
+                if(setuid(getuid()) < 0)
+                        die(EX_FAIL, _("mount: cannot set user id: %s"), strerror(errno));
+
                 oo = fix_opts_string (flags, extra_opts, NULL);
                 mountargs[i++] = mountprog;                            /* 1 */
                 mountargs[i++] = (char *) spec;                        /* 2 */
index b3100c9a0bf616e8b6ca877df8c38e772e3dc8f1..3221619832afd4e2c0a3c17b236c8270c257cc3f 100644 (file)
@@ -102,8 +102,12 @@ check_special_umountprog(const char *spec, const char *node,
                                char *umountargs[8];
                                int i = 0;
 
-                               setuid(getuid());
-                               setgid(getgid());
+                               if(setgid(getgid()) < 0)
+                                       die(EX_FAIL, _("umount: cannot set group id: %s"), strerror(errno));
+
+                               if(setuid(getuid()) < 0)
+                                       die(EX_FAIL, _("umount: cannot set user id: %s"), strerror(errno));
+
                                umountargs[i++] = umountprog;
                                umountargs[i++] = xstrdup(node);
                                if (nomtab)