uid of person who mounts and user unmount

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



smbfs displays the uid of the mounter in show_mounts (viewable in /proc/mounts ) and this would allow a setuid unmount program to check the uid of the mounter via /proc/mounts (there is also an ioctl which does something similar).

Is this approach secure enough?

I slightly prefer an approach in which a program that wishes to check if the current->uid matches that of the mounter (or that uid which was specified on the mount command option and which was saved in the fs's superblock) simply calls an empty ioctl to the fs - which returns yes/no (the uid of the current process, matches the uid of the process that did the mount or not, this requires the fs to save the uid at mount but presumably has the disadvantage of opening a file to get a handle that you can use for the ioctl).

There are other ways to achieve somewhat similar effect - of allowing user mounts and unmounts via fstab - but I have had users request a way to do this via a setuid filesystem specific umount util.

Is there a security issue with displaying the uid of the mounter via the fs's show_mounts (shows up in /proc/mounts)
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Stuff]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]     [Linux Resources]
  Powered by Linux