From 1002156a0667a9c907465db39e758f74152e73e4 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Fl=C3=A1vio=20Leitner?= Date: Tue, 31 Jul 2007 12:42:14 +0200 Subject: [PATCH] mount: should set proper permissions on locktime MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit When creating the "/etc/mtab~" lockfile (specifically 'linktargetfile' in the lock_mtab function), the file is created with incorrect permissions ('000') which necessitates root to leverage CAP_DAC_OVERRIDE. If proper file modes (it would appear 0600 would be sufficient) were used in the open this would function properly with CAP_DAC_OVERRIDE revoked. $ sysctl -w kernel.cap-bound=0xf7fd7df5 $ mount -t tmpfs /dev/swap /mnt can't open lock file /etc/mtab~: Permission denied (use -n flag to override) Signed-off-by: Flávio Leitner Signed-off-by: Karel Zak --- mount/fstab.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mount/fstab.c b/mount/fstab.c index db90e693..0e00fc25 100644 --- a/mount/fstab.c +++ b/mount/fstab.c @@ -558,7 +558,7 @@ lock_mtab (void) { sprintf(linktargetfile, MOUNTLOCK_LINKTARGET, getpid ()); - i = open (linktargetfile, O_WRONLY|O_CREAT, 0); + i = open (linktargetfile, O_WRONLY|O_CREAT, S_IRUSR|S_IWUSR); if (i < 0) { int errsv = errno; /* linktargetfile does not exist (as a file) -- 2.39.5