Bug 120132 - Cannot see contents of /mnt directory, but can access mounts
Cannot see contents of /mnt directory, but can access mounts
Status: CLOSED RAWHIDE
Product: Fedora
Classification: Fedora
Component: policy (Show other bugs)
rawhide
All Linux
medium Severity medium
: ---
: ---
Assigned To: Daniel Walsh
Ben Levenson
triage|leonardjo|closed|rawhide
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2004-04-06 06:29 EDT by Albert Strasheim
Modified: 2007-11-30 17:10 EST (History)
2 users (show)

See Also:
Fixed In Version: 1.9.2-13
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2004-05-10 13:53:25 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Albert Strasheim 2004-04-06 06:29:00 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.6) Gecko/20040312

Description of problem:
As root, I can cd to /mnt and see the contents of the directory (i.e.
my mount points os, data and data2). I can cd to the various mount
point directories.

As a normal user, I cannot see the contents /mnt, but I can cd to the
various mount point directories (mounted ro with umask=002).

As normal user:

cd /mnt
ls
ls: .: Permission denied
cd /mnt/os
ls
(ls displays the contents of the directory)
ls -ld /mnt
drwxr-xr-x  6 root root 4096 Apr  6 12:21 /mnt

Version-Release number of selected component (if applicable):
policy-1.9.2-10

How reproducible:
Always

Steps to Reproduce:
1. cd /mnt
2. ls
    

Actual Results:  Normal users cannot see the contents of the /mnt
directory

Expected Results:  Normal users should be able to see the contents of
the /mnt directory

Additional info:
Comment 1 Daniel Walsh 2004-04-06 06:57:07 EDT
Ok policy-1.9.2-13 adds the ability for a user to read mnt_t files. 
This is governed by the user_can_mount tunable which is turned on by
default.

Dan

Note You need to log in before you can comment on or make changes to this bug.