Attachment 1454710 Details for Bug 1594707 – Move where the secure options are added

[patch] Move where the secure options are added

bz1594707.patch (text/plain), 1.25 KB, created by Alice Mitchell on 2018-06-26 16:07:37 UTC

(hide)

Description:

Filename:

MIME Type:

Creator: Alice Mitchell

Created: 2018-06-26 16:07:37 UTC

Size: 1.25 KB

patch

obsolete

>Only in nfs-utils-1.2.3.working/: tags
>diff -ur nfs-utils-1.2.3.pristine/utils/mount/mount.c nfs-utils-1.2.3.working/utils/mount/mount.c
>--- nfs-utils-1.2.3.pristine/utils/mount/mount.c	2018-06-26 16:03:54.433000002 +0100
>+++ nfs-utils-1.2.3.working/utils/mount/mount.c	2018-06-26 16:59:29.832999598 +0100
>@@ -59,9 +59,6 @@
> #define FOREGROUND	(0)
> #define BACKGROUND	(1)
> 
>-/* These flags need to be set for user mounts */
>-#define MS_SECURE	(MS_NOEXEC|MS_NOSUID|MS_NODEV)
>-
> static struct option longopts[] = {
>   { "fake", 0, 0, 'f' },
>   { "help", 0, 0, 'h' },
>@@ -555,8 +552,11 @@
> 		 * to us, so it is non-trivial to test that we have the correct
> 		 * set of options and we don't want to trust what the user
> 		 * gave us, so just take whatever is in /etc/fstab.
>+		 *
>+		 * not-root implies 'user' option which implies
>+		 * 'nouser,nodev,nosuid' so we add them here
> 		 */
>-		mount_opts = strdup(mc->m.mnt_opts);
>+		asprintf(&mount_opts, "noexec,nodev,nosuid,%s", mc->m.mnt_opts);
> 	}
> 
> 	mount_point = canonicalize(mount_point);
>@@ -577,9 +577,6 @@
> 
> 	parse_opts(mount_opts, &flags, &extra_opts);
> 
>-	if (flags & (MS_USERS|MS_USER))
>-		flags |= MS_SECURE;
>-
> 	if (uid != 0) {
> 		if (!(flags & (MS_USERS|MS_USER))) {
> 			nfs_error(_("%s: permission denied"), progname);

Actions: View | Diff

Attachments on bug 1594707: 1454710 | 1474356