On Mon, Feb 21, 2005 at 09:14:42AM -0500, pryzbyj wrote: > On Sun, Feb 20, 2005 at 03:59:20PM -0800, Tyler MacDonald wrote: > > Package: mount > > Version: 2.12p-2 > > Severity: grave > > Justification: user security hole > > > > > > If a non-root user mounts media (in my case, a CD-ROM), and attempts > > to kill the process (in my case, a mad combination of ^C and ^\), > > the filesystem can be mounted, yet not appear in /etc/mtab. I can't reproduce this. mount.c:856 blocks all signals, then tries to mount the fs, then updates mtab, then unblocks signals. I tested and this appears to ensure atomicity of the mount,mtab block WRT signals.
Justin -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
