Bug 188091 - hal does not adhere to fdi policy for mount options
hal does not adhere to fdi policy for mount options
Product: Fedora
Classification: Fedora
Component: hal (Show other bugs)
All Linux
medium Severity medium
: ---
: ---
Assigned To: David Zeuthen
Depends On:
Blocks: 188092
  Show dependency treegraph
Reported: 2006-04-05 18:34 EDT by Christopher Aillon
Modified: 2013-03-05 22:45 EST (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2006-09-28 19:31:05 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Christopher Aillon 2006-04-05 18:34:22 EDT
Description of problem:

I edited /usr/share/hal/fdi/policy/10osvendor/20-storage-methods.fdi to remove
the two lines that contained noexec as valid mount options.  If I understand
correctly, not having "noexec" as a valid option should cause it to not be
applied.  After I inserted a usb key, it still got mounted as noexec, based on
the shell script /usr/share/hal/scripts/hal-system-storage-mount which mounts
with noexec.

I have restarted my machine (yes, this means hal) and the problem persists.


Davidz suggests I file this as a security bug.
Comment 1 David Zeuthen 2006-04-05 23:07:15 EDT
Right, I did suggest to file this as a security bug just in case. However, the
effect is that noexec always gets applied and that was intended back then when I
wrote the /usr/share/hal/scripts/hal-system-storage-mount script - in fact just
to be on the safe side we always append noexec,nosuid,nodev. 

(btw, in upstream hal this rather fragile (yet secure I'd argue) script is
replaced by C code using glib and I feel a lot more confident that way)

I agree with you insofar that the right answer here is to allow both 'exec' and
'noexec' and make e.g. gnome-mount uses 'noexec' as default and 'exec' for
fixing the autorun case (which you filed as bug 188092)... 

This is relaxing things a little bit but, really, noexec never really made
things secure as users could always move files to /tmp or $HOME and chmod a+x
said file. Surely we still want to apply nodev and nosuid.

So there is no security issue here. I'm adjusting this bug to remove the
security senstive flags etc.

I have made a note to fix this upstream. Patches against HAL CVS HEAD welcome.
Comment 2 David Zeuthen 2006-09-28 19:31:05 EDT
This can be closed now I think.
Comment 3 David Zeuthen 2006-09-28 19:34:12 EDT
(see explanation in bug 188092 for details)

Note You need to log in before you can comment on or make changes to this bug.