Date: Fri, 4 Mar 2011 05:56:13 +0300 From: "Dmitry V. Levin" <ldv@...linux.org> To: oss-security@...ts.openwall.com Subject: Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE On Thu, Mar 03, 2011 at 09:42:17PM -0500, Dan Rosenberg wrote: [...] > I discovered that essentially every suid mount helper that uses > addmntent() (or invokes util-linux mount, which in turn calls > addmntent()) to add entries to /etc/mtab fails to anticipate a low > value for RLIMIT_FSIZE, allowing unprivileged users to corrupt > /etc/mtab and possibly manipulate mountpoint options. Affected > software includes at least: [...] > There are a few possible options One more option is to replace /etc/mtab regular file with a symlink to /proc/mounts, thus making any /etc/mtab editing unneeded. -- ldv Content of type "application/pgp-signature" skipped
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.