562074 – kernel: vfs: add MNT_NOFOLLOW flag to umount(2) [rhel-4.9]

Bug 562074 - kernel: vfs: add MNT_NOFOLLOW flag to umount(2) [rhel-4.9]

Summary: kernel: vfs: add MNT_NOFOLLOW flag to umount(2) [rhel-4.9]

Keywords:
Status:	CLOSED WONTFIX
Alias:	None
Product:	Red Hat Enterprise Linux 4
Classification:	Red Hat
Component:	kernel
Sub Component:
Version:	4.9
Hardware:	All
OS:	Linux
Priority:	high
Severity:	high
Target Milestone:	rc
Target Release:	---
Assignee:	Josef Bacik
QA Contact:	Red Hat Kernel QE team
Docs Contact:
URL:
Whiteboard:
Depends On:	562072 562078 673177
Blocks:
TreeView+	depends on / blocked

Reported:	2010-02-05 07:22 UTC by Eugene Teo (Security Response)
Modified:	2013-01-11 02:45 UTC (History)
CC List:	6 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:	562072
Environment:
Last Closed:	2010-12-14 14:38:59 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Description Eugene Teo (Security Response) 2010-02-05 07:22:35 UTC

+++ This bug was initially created as a clone of Bug #562072 +++

Description of problem:
[RFC PATCH] vfs: add MNT_NOFOLLOW flag to umount(2)

From: Miklos Szeredi <mszeredi>

Add a new MNT_NOFOLLOW flag to umount(2).  This is needed to prevent
symlink attacks in unprivileged unmounts (fuse, samba, ncpfs).

Additionally, return -EINVAL if an unknown flag is encountered.  This
makes it possible for the caller to determine if a flag is supported
or not (at least on kernels with this patch).

Discussion is at:
http://patchwork.kernel.org/patch/77169/

Note You need to log in before you can comment on or make changes to this bug.